What security issues can arise from unsynchronized system clocks?

BROWSE BY TAG Platform Security,   Network Intrusion Detection and Analysis,   Enterprise Network Security,   Monitoring Network Traffic and Network Forensics,   Application and Platform Security,   Email Protection,   Email and Messaging Threats (spam, phishing, instant messaging),   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Platform Security What patch management metrics does Project Quant use? Should developers create libraries of common cryptographic algorithms? How to secure USB ports on Windows machines What is the best database patch management process? What is an encryption collision? What are new and commonly used public-key cryptography algorithms? Should management processes change based on a patch release schedule? Does an EULA make it truly illegal to decompile software? Should businesses delay Windows Vista adoption and just buy Windows 7? Why should we place data files on a separate partition than the OS? Monitoring Network Traffic and Network Forensics Best practices for (small) botnets Botnet masters turn to Google, social networks to avoid detection Preventing SQL injection attacks: A network admin's perspective Breach prevention: How to keep track of data and applications Researchers find thousands of flawed embedded devices Network traffic collection, analysis helps prevent data breaches Lifecycle of a network security vulnerability Port scan attack prevention best practices How to prevent network sniffing and eavesdropping DoD urges less network anonymity, more PKI use Email and Messaging Threats (spam, phishing, instant messaging) How to secure a .pdf file Top spammer gets four years in jail for stock fraud scheme New Zeus spam poses as Social Security statements Messaging security risks have upper hand on solutions Web-based attacks skyrocket, pirating sites surge, security firms say Pushdo botnet uses Facebook to spread malicious email attachment Scareware report highlights successful business model How to prevent phishing attacks with social engineering tests Phishing protection begins with training, antiphishing evangelist Phishing attacks to remain a major problem, say security experts Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bridge  (SearchSecurity.com) computer forensics  (SearchSecurity.com) Einstein  (SearchSecurity.com) footprinting  (SearchSecurity.com) information signature  (SearchSecurity.com) inverse mapping  (SearchSecurity.com) network behavior analysis  (SearchSecurity.com) network forensics  (SearchSecurity.com) promiscuous mode  (SearchSecurity.com) snoop server  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

I often feel that many network and system administrators don't pay enough attention to the issues of system clock accuracy and time synchronization. Computer clocks can run faster or slower over time, batteries and power sources die, or daylight-saving time changes are forgotten. Sure, there are lots of more pressing security issues to deal with, but not ensuring that the time on network devices is synchronized can cause problems. And these problems often only come to light after a security incident.

If you suspect a hacker is accessing your network, for example, you will want to analyze your log files to look for any suspicious activity. If your network's security devices do not have synchronized times, the inaccuracy of the time stamps makes it impossible to correlate log files from different sources. Not only will you have difficulty in tracking events, but you will also find it difficult to use such evidence in court; you won't be able to illustrate a smooth progression of events as they occurred throughout your network.

Unsynchronized clocks can also affect automated tasks. If certain processes run out of sequence, such as transaction processing and backups, then the results of these processes may cause discrepancies, due to the transaction times failing to tally. Mismatched timestamps often cause financial and database program errors.

Even on home computers, an incorrect clock can cause problems. Your email messages are time-stamped using your computer's local system clock. If the time is wildly inaccurate, then some email servers may classify your messages as spam, particularly if the date is in the past or future. Also, many Web sites use cookies to store your logon status. These cookies have an expiry time based on your system clock. If your computer clock is inaccurate, the cookies will be set with the wrong expiry time, and you might find that you are unable to log in.

Fortunately, it is quite easy to synchronize a computer's clock. The Network Time Protocol project maintains a list of public time sources, which provide a consistent time to your computer or network devices. On Windows PCs, you can set your computer to automatically synchronize with an Internet time server: open the Date and Time applet located in your control panel and select the Internet Time tab. Windows also comes with a Time Service Tool, W32tm.exe. It can be used to configure Windows Time service settings and diagnose problems with the time service.

There are also various available programs on the Internet that ensure the accuracy of computer or network time. Network Time System, for example, allows users to synchronize their clock with an enterprise network time server. The server syncs up with external sources, such as Internet time servers or local trusted ones, including GPS or clock cards. Every PC, therefore, does not require an Internet connection to obtain an accurate time. If your firewall is set to block certain types of traffic, you may want to look at Admin Http Time Sync, which uses HTTP instead of the NTP or SNTP protocols. For stand-alone PCs, Atomic Clock Sync is another free program. To set your PC clock once a day, Atomic Clock Sync connects to a server at the National Institute of Standards and Technology (NIST).

More information: