NTP Time Servers

Filed under: Project security |

Time Servers and NTP serve are widely used to synchronize the time on computer networks. NTP provides the ability to access time servers, organize the time synchronization subnetNTP Time Servers and adjust the local clock in each participating subnet computer. Typically, NTP provides accuracies of between 1 and 50 milliseconds depending on the time source and network paths.

Network Time Protocol can be utilized to synchronize the time on computers across a network. A NTP time server is utilized to obtain the correct time from a time source and adjust the local time in each participating computer.

The time source used by the time server is extremely important as this forms the basis of all time updates across the network. Recent studies show an alarming number of stratum 1 time sources on the internet are bad time keepers. A reported 391 of 957 supposedly stratum 1 NTP time sources had time offsets of over 10 seconds. Incredibly, one time source was offset by a staggering 6 years. Only 28% of the internet based stratum 1 clocks actually appears to be useful, based on research by Nelson Minar, MIT Media Lab Cambridge, MA USA. Mis-configuration appears to be the main cause for inaccurate time sources provided by the internet.

The integrity of the time source utilized by the time server cannot be stressed more highly. The accuracy of each computer on the network is dependant on the accuracy of the time source utilized by the time server. A useful rule is to beware when obtaining the time from sources that cannot be validated, i.e. from an unknown third party across the internet.

Extracts from the Conclusion of the article by Nelson Minar, MIT Media Lab Cambridge, MA USA. “This survey has captured the state of the NTP network in November 1999. The network is growing rapidly and seems to be managing reasonably well. Timing statistics suggest that delays and accuracies have improved over the years, helping clock accuracy for everyone. This survey uncovers two problems: the number of bad clocks on the network, and the unbalanced nature of the network load. The number of bad clocks was a truly surprising result. Only 28% of the stratum 1 clocks found appear to actually be useful”.

The conclusion by Nelson Minar underlines the importance of ensuring that for commercial applications it is essential to use an accurate auditable time source such as a radio atomic clock, or GPS time.