NTP is a standard Internet protocol for distributing accurate time to network time clients. There are a large number of public NTP time servers available on the Internet. However, it may often be the case, for security purposes, that an organisation may require an internal stratum 1 NTP time server. This article discusses a number of time sources that can be used as a reference clock for a stratum 1 time server.
Probably the most widely used NTP reference clock resource is currently the Global Positioning System (GPS). The GPS system consists of a number of orbiting satellites providing accurate positioning and location information. However, each GPS satellite also has an integral highly accurate atomic clock that can be used as a timing reference. Utilising the GPS system for time synchronisation has a number of advantages. The Global Positioning System is ideal to provide an accurate timing reference utilising low-cost components. A typical GPS receiver can provide timing information to within a few nanoseconds of UTC. Also, provided the antenna is shown a good view of the sky, the GPS timing signal can be received world-wide. The disadvantage of using the GPS system is the very fact that the antenna requires a view of the sky. Often sitting an antenna on a rooftop with a good view of the sky can be impractical and expensive.
There are also a number of national time and frequency radio transmissions that can be used to synchronise a stratum 1 NTP server. The advantage of using a radio time reference is that generally a good signal can be obtained indoors close to the host computer. This can considerably reduce system installation costs. However, radio time references are generally less accurate than GPS systems. Typically, national time and frequency transmissions are accurate to 1 - 20 milliseconds. The radio transmission is regional and has a finite range dependant on transmitter power. Additionally, local interference or environmental issues can cause problems with reception. Placing a radio antenna too close to electrically noisy equipment can result in signal loss. Also, locating an antenna inside a metal enclosure or underground in a basement can also be a problem.
A number of national time and frequency standards are available broadcasting to the local region.
The WWVB time and frequency signal is a 60kHz radio broadcast transmitted from Fort Collins, Colorado, USA. The WWVB signal continuously transmits time and frequency signals throughout the US and much of Northern America. The signal provides UTC time to an accuracy of 100 microseconds.
The DCF-77 time and frequency signal is transmitted from Frankfurt, Germany. DCF-77 broadcasts timing information continously at 77.5kHz. The transmission covers Germany and much of Central and North Western Europe. Time and frequency information is broadcast to an accuracy of <20msec.
The MSF radio time and frequency broadcast is transmitted at 60kHz from Anthorn, Cumbria, UK. The broadcast covers the British Isles and much of North Western Europe. Time and frequency information is broadcast to an accuracy of <1msec.
The TDF time and frequency radio broadcast is transmitted from Allouis, France. It continuously broadcasts time and frequency information at 162kHz. The transmitter has a power output of 2000kW, with coverage of France and much of Central and Western Europe.
The JJY long-wave time and frequency broadcast is transmitted from Tokyo, Japan. The broadcast is continuously transmitted at 60kHz and covers much of Japan and Far Eastern Asia.
To conclude, there are many sources of time and frequency reference broadcasts available. When selecting a timing reference for a time server, expense, geographic availablilty, accuracy and ease of installation should all be taken into account.
Ntp Server Windows 2000
NTP or Network Time Protocol to give it its full name is an internet protocol designed to distribute precise time around a network. NTP is a UDP based protocol used to synchronize system time on network infrastructure, such as servers, workstations and network equipment .
This article describes how to utilise the Network Time Protocol authentication features to authenticate time references when synchronizing clients to a NTP server.
NTP Server Security
Network Time Protocol is used to provide a precise time reference for time critical applications. Therefore, NTP can pose a security risk if malicious users attempt to corrupt a NTP timestamp to create a false time on network equipment.
NTP provides increased security in the form of authentication. Authentication is intended to overcome security risks by ensuring that any response received from an NTP time server has come from the intended reference. The client sends a request for time to a NTP server. The server then responds to the client with a precise timestamp along with one of a number of agreed encrypted keys. On receipt of the timestamp, the client un-encrypts the key and verifies it against a list of trusted keys. The client can then be sure that the received timestamp was indeed transmitted from the intended time reference. NTP utilises MD5 encryption (Message Digest Encryption 5), which is a 128-bit cryptographic hash function, which outputs a fingerprint of the key. MD5 is a highly secure encryption algorithm, widely used on the internet for authentication and security purposes.
NTP Authentication Keys
NTP authentication keys are codes that are encrypted on both the server and client that are used to identify the NTP time server. NTP authentication keys are stored in a file usually called ‘ntp.keys’. Each authentication key consists of a key number, an encryption code and the key itself.
E.g. NTP server keys:
2 M VisioN
5 M SeRvEr
7 M TiMeLy
10 M MYKEY
12 M TiDy
14 M MaGic
The authenication key number acts as a reference to the specified authentication key. The encryption code specifies the type of encryption to be utilised, e.g. ‘M’ for MD5 encryption. The actual keys must be identical on both the client and the NTP time server. The client may utilise a sub-set of the authentication keys specified on the NTP Server. The keys are case sensitive.
E.g. client keys:
5 M SeRvEr
7 M TiMeLy
10 M MYKEY
14 M MaGic
Trusted Authentication Keys
Trusted authentication keys are specified in the NTP server configuration file, ‘ntp.conf’. Trusted keys specify which subset of keys are currently activeand can be used by the NTP server. This allows a sub-set of trusted keys to be selected from a potentially large keys file. The trusted keys specifier allows key references to be changed easily without editing the keys file. Trusted keys are selected using the ‘trusted-keys’ configuration command.
E.g.
trusted-keys 7 10 14
This specifies that authentication keys with the key references of 7, 10 and 14 are trusted and can be used by the NTP installation.
NTP Security Summary
Essentially, authentication is used by the client to authenticate that the NTP server is who he says he is, and that no rogue server intervenes. The key is encrypted and sent to the client by the server where it is unencrypted and checked against the client keys to ensure a match. Authenication provides NTP with a high level of security to prevent malicous tampering of timestamp information.
Both David Evans & Dave Evans are contributors for EditorialToday. The above articles have been edited for relevancy and timeliness. All write-ups, reviews, tips and guides published by EditorialToday.com and its partners or affiliates are for informational purposes only. They should not be used for any legal or any other type of advice. We do not endorse any author, contributor, writer or article posted by our team.
David Evans has sinced written about articles on various topics from Computers and The Internet, Personal Desktop and Computers and The Internet. D. Evans is a highly experienced technical author to the timing reference and telecommunications industry. David has provided a technical authoring resource to many Windows NTP server manufacturers and computer timing solutions providers. Click here for m. David Evans's top article generates over 18100 views. to your Favourites.
Dave Evans has sinced written about articles on various topics from Personal Desktop, Health and Networking. The author, David Evans, develops SNTP and NTP server time synchronization solutions that ensure accurate time on computers and computer networks. Dave has been heavily involved in the development of dedicated time server systems, Ethernet NTP digital wal. Dave Evans's top article generates over 6600 views. to your Favourites.
Christian Weight Loss Group This, in and of itself, leads to a lot of weight problems. Weight Watchers and other similar weight loss programs help you reinstate the sense of portion control by limiting the amount of food you eat at a single sitting down to a more reasonable size
