What security issues can arise from a corrupted system clock? Will my email messages be treated as spam, for example?
I often feel that many network and system administrators don't pay enough attention to the issues of system clock accuracy and time synchronization. Computer clocks can run faster or slower over time, batteries and power sources die, or daylight-saving time changes are forgotten. Sure, there are lots of more pressing security issues to deal with, but not ensuring that the time on network devices is synchronized can cause problems. And these problems often only come to light after a security incident.
If you suspect a hacker is accessing your network, for example, you will want to analyze your log files to look for any suspicious activity. If your network's security devices do not have synchronized times, the inaccuracy of the time stamps makes it impossible to correlate log files from different sources. Not only will you have difficulty in tracking events, but you will also find it difficult to use such evidence in court; you won't be able to illustrate a smooth progression of events as they occurred throughout your network.
Unsynchronized clocks can also affect automated tasks. If certain processes run out of sequence, such as transaction processing and backups, then the results of these processes may cause discrepancies, due to the transaction times failing to tally. Mismatched timestamps often cause financial and database program errors.
Fortunately, it is quite easy to synchronize a computer's clock. The Network Time Protocol project maintains a list of public time sources, which provide a consistent time to your computer or network devices. On Windows PCs, you can set your computer to automatically synchronize with an Internet time server: open the Date and Time applet located in your control panel and select the Internet Time tab. Windows also comes with a Time Service Tool, W32tm.exe. It can be used to configure Windows Time service settings and diagnose problems with the time service.
There are also various available programs on the Internet that ensure the accuracy of computer or network time. Network Time System, for example, allows users to synchronize their clock with an enterprise network time server. The server syncs up with external sources, such as Internet time servers or local trusted ones, including GPS or clock cards. Every PC, therefore, does not require an Internet connection to obtain an accurate time. If your firewall is set to block certain types of traffic, you may want to look at Admin Http Time Sync, which uses HTTP instead of the NTP or SNTP protocols. For stand-alone PCs, Atomic Clock Sync is another free program. To set your PC clock once a day, Atomic Clock Sync connects to a server at the National Institute of Standards and Technology (NIST).
Dig Deeper on Monitoring Network Traffic and Network Forensics
Related Q&A from Michael Cobb
A new programming language called Wyvern is helping developers use multiple languages in one app securely. Application security expert Michael Cobb ...continue reading
Gartner predicts more than half of all mobile apps will use HTML5 by 2016, but what threats will this cause the enterprise? Expert Michael Cobb ...continue reading
Public key pinning aims to reduce the lack of trust associated with digital certificates and certificate authorities. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.