Category: network security

Configuring a Network to use a NTP Server Part one: Finding a Time Source

  |   By

Keeping your network synchronized with the correct time is crucial for modern networking. Because of the value of timestamps in communciating globally and across multi-networks, it is imperative that every machine is running a source of UTC (Coordinated Universal Time).

UTC was developed to allow the entire global community to use the same time no matter where they are on the globe as UTC doesn’t use time-zones so it allows accurate communication regardless of location.

However, finding a source of UTC is often where some network administrators fall down when they are attempting to synchronize a network. There are many areas that a source of UTC can be received from but very few that will provide both accurate and secure reference to the time.

The internet is full of purported sources of UTC, however, many of them offer no where near their acclaimed accuracy. Furthermore, resorting to the internet can lead to security vulnerabilities.

Internet time sources are external to the firewall and therefore a hole has to be left open which can be taken advantage of by malicious users. Furthermore, NTP, the protocol used to distribute and receive time sources, cannot instigate its authentication security measure across the internet so it is not possible to ensure the time is coming from where it is supposed to.

External sources of UTC time are far more secure. There are two methods used by most administrators. Long wave radio signals as broadcast by national physics laboratories and the GPS signal which is available everywhere on the globe.

The external sources of UTC ensure your NTP network is receiving not just an accurate source of UTC but also a secure one.

Using NTP Networks

  |   By

Network Time Protocol is by far the most widely used application for synchronizing computer time across local area networks and wider areas networks (LANs and WANs). The principles behind NTP are fairly simple. It checks the time on a system clock and compares it with an authoritative, single source of time, making corrections to the devices to ensure they are all synchronized to the time source.

Selecting the time source to use is perhaps the fundamentally most important thing in setting up a NTP network. Most network administrators opt, quite rightly to use a source of UTC time (Coordinated Universal Time). This is a global timescale and means that a computer network synchronized to UTC is not only using the same timescale as every other UTC synchronized network but also there is no need to worry about different time zones around the globe.

NTP uses different layers, known as strata, to determine the closeness and therefore accuracy, to a time source. As UTC is governed by atomic clocks, any atomic clock giving out a time signal is referred to as stratum 0 and any device that receives the time directly from an atomic clock is stratum 1. Stratum 2 devices are devices that receive the time from stratum 1 and so on. NTP supports over 16 different stratum levels although accuracy and reliable decrease with each stratum layer further away you get.

Man network administrators opt to use an internet source of UTC time. Apart from the security risks of using a time source from the internet and allowing it access through your firewall. Internet time servers are also stratum 2 devices in that they are normally servers that receive the time from single stratum 1 device.

A dedicated NTP time server on the other had are stratum 1 devices in themselves. They receive the time directly from atomic clocks, either via GPS or long wave radio transmissions. This makes them far more secure than internet providers as the time source is external to the network (and firewall) but also it makes them more accurate.

With a stratum 1 time server a network can be synchronized to within a few milliseconds of UTC without risk of compromising your security.

Perfect Time Synchronization for Windows

  |   By

Most Windows operating systems have an integrated time synchronisation service, installed by default that can synchronise the machine or indeed a network. However, for security reasons, it is highly recommended by Microsoft, amongst others, that an external time source is used.

NTP time servers securely and accurately receive the UTC time signal from the GPS network or the WWVB radio transmissions (or European alternatives).  NTP time servers can synchronize a single Windows machine or an entire network to within fractions of a second of the correct UTC time (Coordinated Universal Time).

A NTP time server provides precise timing information 24 hours-a-day, 365 days-a-year anywhere on the entire globe. A dedicated NTP time server is the only secure, safe and reliable method of synchronizing a computer network to UTC (Coordinated Universal Time). External to the firewall, an NTP time server does not leave a computer system vulnerable to malicious attacks unlike Internet timing sources via the TCP-IP port.

A NTP time server is not only secure, it receives a UTC time signal direct from atomic clocks unlike Internet timing sources which are really time servers themselves. NTP servers and other time synchronization tools can synchronize entire networks, single PCs, routers and a whole host of other devices. Using either GPS or the North American WWVB signal, a dedicated NTP time server from will ensure all your devices are running to within a fraction of UTC time.

A NTP time server will:

•    Increase network security
•    Prevent data loss
•    Enable logging and tracking of errors or security breaches
•    Reduce confusion in shared files
•    Prevent errors in billing systems and time sensitive transactions
•    Can be used to provide incontestable evidence in legal and financial disputes

Computer Network Timing Solutions

  |   By

Computer networks and the internet have dramatically changed the way we live our lives. Computers are now in constant communication with each other making possible transactions such as online shopping, seat reservation and even email.

However, all this is only possible thanks to accurate network timing and in particular the use of Network Time Protocol (NTP) used to ensure all machines on a network are running the same time.

Timing synchronization is crucial for computer networks. Computers use time in the form of timestamps as the only marker to separate two events, without synchronization computers have difficulty in establishing the order of events or indeed if an event has happened or not.

Failing to synchronize a network can have untold effects. Emails may arrive before they are sent (according to the computer’s clock), data may get lost or fail to store and worst-of-all, the entire network could be vulnerable to malicious users and even fraudsters.

Synchronization with NTP is relatively straight forward as most operating systems have a version of the time protocol already installed; however, choosing a timing reference to synchronize to is more challenging.

UTC (Coordinated Universal Time) is a global timescale governed by atomic clocks and is used by nearly all computer networks across the globe. By synchronizing to UTC a computer network is essentially synchronizing the network time with ever other computer network in the world that uses UTC.

The internet has plenty of sources of UTC available but security issues with the firewall means the only safe method of receiving UTC is externally. Dedicated NTP time servers can do this using either long wave radio or GPS satellite transmissions.

Using a NTP Server in your Network

  |   By

The Network Time Protocol server is used in computer networks all over the world. It keeps an entire network’s systems and devices synchronised to the same time, normally a source of UTC (Coordinated Universal Time).

But is a NTP time server a necessary requirement and can your computer network survive without one?  The short answer is perhaps yes, a computer network can survive without a NTP server but the consequences can be dramatic.

Computers are meant to make our lives easier but any network administrator will tell you they can cause an awful amount of difficulty when they inevitably go wrong and without adequate time synchronisation, identifying an error and putting it right can be nearly impossible.

Computers use the time in the form of a timestamp as the only reference they have to distinguish between two events. Whilst computers and networks will still function without adequate synchronisation they are extremely vulnerable. Not only is locating and correcting errors extremely difficult if machines are not synchronised the network will be vulnerable to malicious users and viral software that can take advantage of it.

Furthermore, failing to synchronise to UTC can cause problems if the network is to communicate with other networks that are synchronised. Any time sensitive transactions could fail and the system could be open to potential fraud or other legal implications as proving the time of a transaction could be near impossible.

NTP servers are easy to install and receive the UTC time signal from either long wave transmissions or the GPS satellite network which they then distribute amongst the network’s machines. As a dedicated NTP time server operates externally to the network firewall it does so without compromising security.

Does my Computer Network Need to be Synchronized to an Atomic Clock?

  |   By

Time synchronization with network time protocol servers (NTP servers) is now a common consideration for network administrators, although, keeping exact time as told by an atomic clock on a computer network is often seen as unnecessary by some administrators

So what are the advantages of synchronizing to an atomic clock and is it necessary for your computer network?  Well the advantages of having accurate time synchronization are manifold but it is the disadvantages of not having it that are most important.

UTC time (Coordinated Universal Time) is a global timescale that is kept accurate by a constellation of atomic clocks from all over the world. It is UTC time that NTP time servers normally synchronize too. Not just that it provides a very accurate time reference to for computer networks to synchronize too but also it is used by millions of such networks across the globe therefore synchronizing to UTC is equivalent to synchronizing a computer network to every other network on the globe.

For security reasons it is imperative that all computer networks are synchronized to a stable time source. This doesn’t have to be UTC any single time source will do unless the network conducts time sensitive transactions with other networks then UTC becomes crucial otherwise errors may occur and these can vary from emails arriving before they were despatched to loss of data.  However, as UTC is governed by atomic clocks it makes it a highly accurate and auditable source of time.

Some network administrators take the shortcut of using an internet time server as a source of UTC time, forgoing the need for a dedicated NTP device. However, there are security risks in doing such a thing. Firstly, the inbuilt security mechanism used by NTP, called authentication, which confirms a time source is where and who it claims it is, is unavailable across the internet. Secondly, internet time servers are outside the firewall which means a UDP port needs to be left open to allow the time signal traffic. This can be manipulated by malicious users or viral programs.

A dedicated NTP time server is external to the network and receives the UTC atomic clock time from with either the GPS satellite system (global positioning system) or specialist radio transmissions broadcast by national physics laboratories.

Synchronizing the Time on your Computer

  |   By

Keeping accurate time is essential for many applications and dedicated NTP time servers make the job easy for network administrators. These devices receive an external time signal, often from GPS or sometimes from broadcast signals put out by organisations such as NIST, NPL and PTB (national physics labs from US, UK and Germany).

Synchronization with a NTP time server is made all the more easier thanks to NTP (network time protocol) this software protocol distributes the time source by constantly checking the time on all devices and adjusting any drift to match the time signal that is received.

Time synchronization is not just the concern of large networks. Even single machines and routers ought to be synchronised because at the very least it will help keep a system secure and make error detection a whole lot easier.

Fortunately, most versions of Windows contain a form of NTP. Often it is a simplified version but it is enough to allow a PC to be synchronized with the global time scale UTC (Coordinated Universal Time). On most Windows machines this is relatively easy to do and can be achieved by double clicking on the clock icon in the task bar then selecting a time provider in the internet time tab.

These time sources are internet based meaning that they are external to the firewall so a UDP port has to be left open to allow the time signal to enter. This can cause some security issues so for those wanting perfect synchronization without any security issues then the best solution is to invest in a dedicated time server. These need not be expensive and as they receive an atomic clock time signal externally then here is no breach in the firewall leaving your network secure.

Dangers of Free Time

  |   By

We are all looking for freebies, particularly in the present financial climate and the internet is not short of them. Free software, free films, free music, almost everything these days has a free version. Even critical applications for our computers and networks such as anti-virus can come free. So it is understandable that when network administrators want to synchronize the time on computer networks they turn to free sources of UTC time (UTC – Coordinated Universal Time) to synchronize their networks using the operating systems’ own inbuilt NTP server.

However, just as there is no such thing as a free lunch, free time sources come with a cost too. To start with all time servers on the internet that are available for the public to use are stratum 2 servers. This means they are devices that receive the time from another device (a stratum 1 time server) that gets it from an atomic clock. While this second hand time source shouldn’t lose too much time compared to the original, for high levels of accuracy there will be a noticeable drift.

Furthermore, internet time sources are based outside the network firewall. For access to the time server a UDP port needs to be left open. This will mean the network firewall will intrinsically have a hole in it which could be manipulated y a malicious user or aggressive malware.

Another consideration is the inbuilt security that the time transfer protocol NTP (Network Time Protocol) uses to assess the time signal it receives is genuine. This is referred to as authentication but is unavailable across the internet. Meaning the time source may not be what it claims to be and with a hole in the firewall it could result in a malicious attack.

Internet time sources can also be unreliable. Many are too far from clients to provide any real accuracy some time sources available on the internet are wildly out (some by hours not just minutes). There are however, more reputable stratum 2 servers available and the NTP pool has details of those.

For real accuracy with none of the security threats the best solution is to use an external time source. The best method for doing this is to utilise a dedicated NTP server. These devices work exterior to the firewall and receive the time either direct from GPS satellites or via broadcasts by national physics labs such as NIST or NPL.

Do I Really Need an NTP Time Server?

  |   By

The NTP time server is a much misunderstood piece of equipment. They are quite simple devices in the sense that they are used for the purposes of time synchronisation, receiving an external source of the time which is then distributed throughout a computer network using NTP (Network Time Protocol).

However, with a myriad of ‘free’ time servers available on the internet many network administrators take the decision that NTP time servers are not necessary pieces of equipment and that their network can do without it. However, there are a huge number of pitfalls in relying on the internet as a time reference; Microsoft and the USA physics laboratory NIST (National Institute of Standards and Time) highly recommend external NTP time servers rather than internet providers.

Here is what Microsoft says:
“We highly recommend that you configure the authoritative Time Server to gather the time from a hardware source. When you configure the authoritative Time Server to sync with an Internet time source, there is no authentication.”

Authentication is a security measure implemented by NTP to ensure that the time signal that is sent comes from where it claims to come from. In other words authentication is the first line of defence in protecting against malicious users. There are other security issues too with using the internet as a time source as any communication with an internet time source is going to require the TCP/IP port to be left open in the firewall this could also be manipulated by malicious users.

NIST too recognise the importance of NTP time server systems for prevention and detection of security threats in their Guide to Computer Security Log Management they suggest:
“Organizations should use time synchronization technologies such as Network Time Protocol (NTP) servers whenever possible to keep log sources’ clocks consistent with each other.”