Synchronize time throughout your entire Windows network | TechRepublic

Atomic clock sync

Atomic Clock Sync is one of the easiest to use network time synchronizer for Windows. As you launch this software, it shows Current Settings tab. From here, it displays you some basic information about current local time, current UTC, standard time zone name, date, bias, and also Daylight time zone name, date, bias, etc.

In order to synchronize PC time, you need to switch to Synchronization Interval tab and click on Sync Now button. Now, it will connect your PC to time server (time.nist.gov) and synchronize the time with it. Also, from the same tab, you can specify automatic synchronization interval as per your requirement.

Chrony(d)

The NTP daemon chronyd calculates the drift and offset of your system clock and continuously adjusts it, so there are no large corrections that could lead to inconsistent logs for instance. The cost is a little processing power and memory, but for a modern server this is usually negligible.

Chronyd configuration

Edit /etc/chrony/chrony.conf to add/remove server lines. By default these servers are configured:

Coopoint atomic clock sync

Coopoint Atomic Clock Sync is another free server time synchronization software for Windows. The software interface is kept very simple and displays information about server time, local time, their difference, and also time zone. You can change time zone as per your requirement.

Ds clock

DS Clock is another good software for network time synchronization. This time synchronization software uses SNTP protocol to connect to the time server.

The software is made up of two tabs: Clock and Synchronization. The Clock tab contains some options to manage data and time format related settings. While, Synchronization tab lets you choose a time server, auto time adjustment frequency, etc. After choosing a time server, you can click on Adjust Now button to calibrate PC time to server.

Like some other software, it also lets you add your own time server but to do so, you need to edit the timesvrs.dat file.

Installation

To install chrony, from a terminal prompt enter:

sudo apt install chrony

This will provide two binaries:

  • chronyd – the actual daemon to sync and serve via the NTP protocol

  • chronyc – command-line interface for chrony daemon

Magitime

Magitime is one of the best free network time synchronizer for Windows. Using this software, you can easily synchronize date and time of your PC to US atomic clocks. You can access it from your system tray.

In order to use this utility for network time synchronization, you need to right click on its icon from the system tray and click on Utilities > Synchronize Time option. As a result, it automatically synchronizes time of your PC to the atomic clock.

Using its Track network option, you can analyze IP address, speed of your connection, total data transfer using Ethernet adapters, fiber distributed data interface adapters, token ring adapters, loop-back adapters, etc.

Apart from system time synchronization, it lets you detect all types of dial-up connections (especially PPP and SLIP standards), track LAN and other networks, analyze world time, schedule reminders for important dates and events, analyze moon phase (last and next, full moon, and new moon date and time), track internet expenses, set countdown timer to automatically disconnect connection after specified period of time, etc.

It also provides options like Call Settings, Contact Manager, etc. for dial-up networks. Also, you can checkout timer logs, expenses statistics, data transfer statistics, etc. for specified date, week, or month using Statistics option.

Miss a column?

Check out the Security Solutions Archive,and catch up on the most recent editions of Mike Mullins’ column.

Worried about security issues? Who isn’t? Automaticallysign up for our free Security Solutions newsletter, delivered each Friday,and get hands-on advice for locking down your systems.

My favorite network time synchronizer for windows:

Magitime is one of my favorite time synchronization software for PC. Apart from time synchronization, it lets you track LAN and other networks, detect dial-up connections, schedule reminders, track internet expenses, etc.

Time-Sync Client and Dimension 4 are also considerable time synchronization software.

You may also checkout lists of best free Computer Shutdown Timer, Countdown Timers, and Folder Sync software for Windows.

Nts client

The client needs to specify server as usual (pool directives do not work with NTS). As usual after the server adress options can be listed and there nts has to be added.

Example:

server <server-fqdn-or-IP> iburst nts

One can check the authdata of the connections the client established like

$ sudo chronyc -N authdata
Name/IP address             Mode KeyID Type KLen Last Atmp  NAK Cook CLen
=========================================================================
<server-fqdn-or-ip>          NTS     1   15  256  48h    0    0    8  100

Again there are more advanced options documented in the man page. Common use cases are specifying an explicit trusted certificate.

Bad Clocks and secure time syncing – “A Chicken and Egg” Problem:

There is one problem with systems that have very bad clocks. NTS is based on TLS and that needs a a somewhat correct clock. Due to that an NTS based sync might fail. On Hardware affected by this one can consider using the nocerttimecheck option which allows to set a number of times time can be synced without checking validation and expiration.

:/>  Как конвертировать стиль разметки диска MBR в GPT в командной строке Windows 10 с сохранением работоспособности системы » Страница 2

Nts server

To set up your server with NTS you’ll need certificates so that the server can authenticate itself and based on that allow to encrypt and verify the NTP traffic.

In addition to the allow statement that any chrony working as NTP server needs there are two mandatory config entries that will be needed. Those for the certificates like

Example entries would look like:

ntsservercert /etc/chrony/fullchain.pem
ntsserverkey /etc/chrony/privkey.pem

Nts support

In Chrony 4.0 (first appeared in Ubuntu 21.04 Hirsute) support for Network Time Security “NTS” as added.

Pps support

Chrony supports various PPS types natively. It can use kernel PPS API as well as PTP hardware clock. Most general GPS receivers can be leveraged via GPSD. The latter (and potentially more) can be accessed via SHM or via a socket (recommended).

All of the above can be used to augment chrony with additional high quality time sources for better accuracy, jitter, drift, longer-or-short term accuracy (Usually each kind of clock type is good at one of those, but non-perfect at the others). For more details on configuration see some of the external PPS/GPSD resource listed below.

Note: at the release of 20.04 there was a bug which until fixed you might want to add this content to your /etc/apparmor.d/local/usr.sbin.gpsd.

Sp timesync

SP TimeSync is another good and easy to use PC to server time synchronization software for Windows. By default, it uses pool.ntp.org as its time server.

As you launch this software, it displays local time of your PC. You need to click on Get time from server button to analyze server time, time difference, precision, NTP version, etc. After fetching time from server, you need to click on Adjust clock button to make changes to the system clock.

From the Time Client tab, you get options to specify NTP server, frequency of synchronization, etc.

Time synchronization with ntp

Overview

NTP (Network Time Protocol) provides accurate and syncronised time
across the Internet. This introductory article will try to show you how to use NTP to
control and synchronize your system clock.

First approach

NTP is organised in a hierarchical client-server model. In the top of
this hierarchy there are a small number of machines known as reference clocks. A
reference clock is known as Synchronize time throughout your entire Windows network | TechRepublicstratum 0 and is typically a cesium
clock or a Global Positioning System (GPS) that receives time from satellites. Attached
to these machines there are the so-called stratum 1 servers (that is, stratum 0
clients), which are the top level time servers available to the Internet, that is, they
are the best NTP servers available.

Note: in the NTP lingo measure for synchronization distance is termed as
stratum: the number of steps that a system lies from a primary time source.

Following this hierarchy, the next level in the structure are the stratum 2
servers which in turn are the clients for stratum 1 servers. The lowest level of
the hierarchy is made up by stratum 16 servers. Generally speaking, every server
syncronized with a stratum n server is termed as being at stratum n 1
level. So, there are a few stratum 1 servers which are referenced by stratum 2 servers,
wich in turn are refenced by stratum 3 servers, which are referenced by stratum 4 and so
on.

NTP servers operating in the same stratum may be associated with others in a peer to
peer basis, so they may decide who has the higher quality of time and then can
synchronise to the most accurate.

In addition to the client-server model and the peer to peer model, a server may
broadcast time to a broadcast or multicast IP addresses and clients may be configured to
synchronise to these broadcast time signals.

So, at this point we know that NTP clients can operate with NTP servers in three
ways:

  • in a client-server basis
  • in a peer to peer mode
  • sending the time using broadcast/multicast

How does it work

Whenever ntpd starts it checks its configuration file (/etc/ntp.conf) to determine syncronization sources, authentication
options, monitoring options, access control and other operating options. It also checks
the frequency file (/etc/ntp/drift) that contains the
latest estimate of clock frequency error. If specified, it will also look for a file
containing the authentication keys (/etc/ntp/keys).

Note that the path and/or name of these configuration files may vary in your
system. Check the -c command line option.

Once the NTP daemon is up and running, it will operate by exchanging packets (time and
sanity check exchanges) with its configured servers at poll intervals and its behaviour
will depend on the delay between the local time and its reference servers. Basically, the
process starts when the NTP client sends a packet containing its timestamp to a server.
When the server receives such a packet, it will in turn store its own timestamp and a
transmit timestamp into the packet and send it back to the client. When the client
receives the packet it will log its receipt time in order to estimate the travelling time
of the packet.

:/>  Чем открыть формат TTF? Программы для чтения TTF файлов

The packet exchange takes place until a NTP server is accepted as a synchronization
source, which take about five minutes. The NTP daemon tries to adjust the clock in small
steps and will continue until the client gets the accurate time. If the delay between
both the server and client is big enough the daemon will terminate and you will need to
adjust the time manually and start the daemon again.

Sample ntp.conf configuration file

     server
134.214.100.6
server swisstime.ee.ethz.ch

     peer 192.168.100.125
peer 192.168.100.126
peer 192.168.100.127

     driftfile /etc/ntp/drift
#multicastclient  # listen on default 224.0.1.1
#broadcastdelay  0.008

     authenticate no

    
#keys           /etc/ntp/keys
#trustedkey     65535
#requestkey     65535
#controlkey     65535

     # by default ignore all ntp packets
restrict 0.0.0.0 mask 0.0.0.0 ignore

     # allow localhost
restrict 127.0.0.1 mask 255.255.255.255

     # accept packets from…
restrict 192.168.100.125 mask 255.255.255.255
restrict 192.168.100.126 mask 255.255.255.255
restrict 192.168.100.127 mask 255.255.255.255

Take a look at references below to understand the configuration options.

References

NTP Basics

Time usually just advances. If you have communicating
programs running on different computers, time still should even advance if you switch from
one computer to another. Obviously if one system is ahead of the others, the others are
behind that particular one. From the perspective of an external observer, switching between
these systems would cause time to jump forward and back, a non-desirable effect.

As a consequence, isolated networks may run their own
wrong time, but as soon as you connect to the Internet, effects will be visible. Just
imagine some EMail message arrived five minutes before it was sent, and there even was a
reply two minutes before the message was sent.

UTC (Universal Time Coordinated, Temps Universel
Coordonné) is an official standard for the current time. UTC evolved from the former
GMT (Greenwich Mean Time) that once was used to set the clocks on ships before they left
for a long journey. Later GMT had been adopted as the world’s standard time. One of the
reasons that GMT had been replaced as official standard time was the fact that it was based
on the mean solar time. Newer methods of time measurement showed that the mean solar time
varied a lot by itself.The following list will explain the main components of
UTC:

NTP on Unix and Windows 2000

In this example we show, how to synchronize your
Linux, Solaris and Windows 2000 Server (Primary Domain Controller) with the Public NTP Time
Server: swisstime.ethz.ch

swisstime.ethz.ch (129.132.2.21)
Location: Integrated Systems Laboratory, Swiss Fed. Inst. of Technology,
CH 8092 Zurich, Switzerland
Geographic Coordinates: 47:23N, 8:32E
Synchronization: NTP primary (DCF77 clock), Sun-4/SunOS 4.1.4
Service Area: Switzerland/Europe
Access Policy: open access
Contact: Christoph Wicki (time@iis.ee.ethz.ch)

Synchronize time throughout your entire Windows network | TechRepublic

Configuration on Unix

The NTP client program ntpdate sets the system
clock once. As real clocks drift, you need periodic corrections. Basically you can run
ntpdate in a cron job hourly or daily, but your machine won’t be an NTP server
then.

Crontab entry to update the system clock once a
day

0 2 * * * /usr/sbin/ntpdate -s -b -p 8 -u
129.132.2.21

Force the time to be stepped using the
settimeofday() system call, rather than slewed (default) using the adjtime() system call.
This option should be used when called from a startup file at boot time.

Specify the number of samples to be acquired from
each server as the integer samples, with values from 1 to 8 inclusive. The default is
4.

Divert logging output from the standard output
(default) to the system syslog facility. This is designed primarily for convenience of
cron scripts.

Direct ntpdate to use an unprivileged port or
outgoing packets. This is most useful when behind a firewall that blocks incoming traffic
to privileged ports, and you want to synchronise with hosts beyond the firewall. Note
that the -d option always uses unprivileged ports.

First of all you have to download the NTP sources from
www.ntp.org. On RedHat Linux 7.0 / 7.1 the
NTP server ntpd is already included in the distribution.

The NTP server ntpd will learn and remember the
clock drift and it will correct it autonomously, even if there is no reachable server.
Therefore large clock steps can be avoided while the machine is synchronized to some
reference clock. In addition ntpd will maintain error estimates and statistics, and
finally it can offer NTP service for other machines.

start() {
# Adjust time to make life easy for ntpd
if [ -f /etc/ntp/step-tickers ]; then
echo -n
$”Synchronizing with time server: “
/usr/sbin/ntpdate -s -b -p 8 -u
`/bin/sed -e
‘s/#.*//’ /etc/ntp/step-tickers`
success
echo
fi
# Start daemons.
echo -n $”Starting $prog: “
daemon ntpd
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch
/var/lock/subsys/ntpd
return $RETVAL
}

129.132.2.21

server 127.127.1.0  #
local clock

server 129.132.2.21 # swisstime.ethz.ch (stratum 1)
driftfile /etc/ntp/drift
multicastclient     # listen on default
224.0.1.1

broadcastdelay 0.008

# /etc/rc.d/init.d/ntpd start

One of the quickest commands to verify that
ntpd is still up and running as desired is ntpq -p. That command will show
all peers used and configured together with their corner performance data.

:/>  Как открыть реестр Windows 10

# ntpq -p

    
remote      refid    st t when poll
reach   delay  offset jitter
=====================================================================
LOCAL(0)        LOCAL(0) 3 l   
9   64  377    0.000   0.000   0.000
*swisstime.ethz. .DCFa.   1 u   17   64  377  
25.088 -10.040   1.071

To obtain a current list peers of the server, along
with a summary of each peer’s state. Summary information includes the address of the remote
peer, the reference ID (0.0.0.0 if this is unknown), the stratum of the remote peer, the
type of the peer (local, unicast, multicast or broadcast), when the last packet was
received, the polling interval, in seconds, the reachability register, in octal, and the
current estimated delay, offset and dispersion of the peer, all in milliseconds.

# ntpq -c pee swisstime.ethz.ch

    
remote      refid   st t when poll reach  
delay  offset jitter
====================================================================
*GENERIC(0)      .DCFa.   0 l   14  
16  377    0.000   0.126  0.170
LOCAL(0)        LOCAL(0) 6 l  
13   64  377    0.000   0.000 10.010
sns2-tss2.unige lantime  2 u  323 1024  377  
11.000   0.014  1.770
nz11.rz.uni-kar .DCF.    1 u   40   64  376 
353.290  18.088 17.120
xjane.planNET.de .DCFa.   1 u   80  256  377  125.050
-38.018  0.210
sombrero.cs.tu- .GPS.    1 u   49   64 
377   36.070   1.159  0.790

# ntpdc

ntpdc> peers

Be sure that there is an entry for the the
swisstime.ethz.ch server, and that there is an entry for your local net. The “st” (stratum)
column for the ITD time servers should be “1” or “2”, indicating that the time server are
stratum-1/2 servers, e.g. they obtain their time from stratum-1 servers, which are directly
connected to external time reference sources. If the stratum for any server is “16” then
this server is not synchronizing successfully.

    
remote          
local     st poll reach delay   offset   
disp
====================================================================
=LOCAL(0)       
127.0.0.1       3  64 377 0.00000  0.000000
0.00095
=cosmos.hsz.akad 5.0.0.0        16  64  
0 0.00000  0.000000 0.00000
*swisstime.ethz. 192.168.138.29  1 128 377 0.02658 -0.001197
0.00215

Configuration on Windows 2000 Workstation

Windows 2000 (Win2K) uses a time service, known as
Windows Time Synchronization Service (Win32Time), to ensure that all Win2K computers on
your network use a common time. The W32Time Service is a fully compliant implementation of
the Simple Network Time Protocol (SNTP) as detailed in IETF RFC 1769. SNTP uses UDP port
123 by default. If you want to synchronize your time server with an SNTP server on the
Internet, make sure that port is available.

net time
/setsntp:swisstime.ethz.ch

net start W32Time

You can also set the start option of the Windows Time
Synchronization Service (W32Time) to Automatic, so the service will start when
Windows/2000 starts.

The registry values are located in the following registry
key:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesW32TimeParameters

The Adj and msSkewPerDay values are used to preserve
information about the computer’s clock between restarts. Do not manually edit these
values.

More Information

For further information about NTP in
Windows/2000 see

http://support.microsoft.com/support/kb/articles/q224/7/99.asp
http://support.microsoft.com/support/kb/articles/q216/7/34.asp
http://support.microsoft.com/support/kb/articles/q223/1/84.asp
http://support.microsoft.com/support/kb/articles/q120/9/44.asp
http://support.microsoft.com/support/kb/articles/Q232/2/55.asp
http://labmice.techtarget.com/windows2000/timesynch.htm

For further information about NTP see

http://www.eecis.udel.edu/~ntp/

Timesync

TimeSync is another free network time synchronization software for PC. It is another simple software, packed with a number of time servers like time.nist.gov, utcnist.colorado.edu, etc. Using this software, you can remove clock deviation up to 1 second.

After selecting a time server, you can click on Get Time option. Now, the time of the PC is synchronized to the server, and it displays total clock deviation in seconds.

Time-sync client

Time-Sync Client is another freeware to synchronize time of your PC to a valid time server. This software runs in the background and synchronizes time at specified synchronization interval.

As you launch this software, you get two tabs, namely: Protocol and Settings. From the Protocol tab, you can have information about the progress of time synchronization process. The Settings tab lets you decide whether to add protocol to event log or not.

Also, you get option to set time synchronization frequency by setting Update Interval. The frequency may vary from half a minutes to 24 hours. There is a server list available under the same tab. It even lets you add up to five servers to synchronize time with them.

It synchronizes time with any of these added servers but in case it fails to synchronize time with a server, it automatically switches and tries to connect to next listed server to synchronize time of your PC. By default, it uses pool.ntp.org server for time synchronization.

View status

Use chronyc to see query the status of the chrony daemon. For example to get an overview of the currently available and selected time sources.

Final thoughts

Properly synchronizing your network with a consistent andaccurate time source will pay big dividends when it comes down to trackinganomalies and security problems within your network. Setting and distributing theaccurate time for your network is an easy process—you just need to find thetime to do it.

Оставьте комментарий

Adblock
detector