RE: [Full-Disclosure] Windows Time Synchronization - Best Practices

From: Airey, John (John.Airey_at_rnib.org.uk)
Date: 10/26/04

Next message: Thierry Carrez: "[ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh"

Previous message: Thomas Biege: "[Full-Disclosure] SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039)"
Maybe in reply to: Bernardo Santos Wernesback: "[Full-Disclosure] Windows Time Synchronization - Best Practices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Andrew Farmer" <andfarm@teknovis.com>, "Gary E. Miller" <gem@rellim.com>
Date: Tue, 26 Oct 2004 13:10:21 +0100

> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com]On Behalf Of Andrew
> Farmer
> Sent: 25 October 2004 20:22
> To: Gary E. Miller
> Cc: Micheal Espinola Jr; full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] Windows Time Synchronization - Best
> Practices
>
>
> On 24 Oct 2004, at 18:48, Gary E. Miller wrote:
> > On Fri, 22 Oct 2004, Micheal Espinola Jr wrote:
> >> You can certainly have multiple time servers specified with Windows
> >> Time Service (SNTP). RTM. It has the ability to failover
> through a
> >> list.
> >
> > Yes you can have multiple time servers, but only one active
> at a time.
> > With NTP your client polls a number of diverse servers. Routes can
> > flap, servers can go wacko, but your time stays solid.
>
> The canonical *NIX ntp client supports multiple active servers, if
> that's what you're talking about.
>
> No idea about Windows, though.

Getting back to the poster's original question, Windows is really bad
for time synchronisation. Whereas you can set an NTP server to
UTC/GMT/ZULU (or whatever other name you are going to call it), Windows
does indeed move the clock forward and backward.

We've experienced this difficulty ourselves where you log in to a server
which then puts the clock an hour forward and then Windows itself puts
the clock an hour forward. The end result is that the clock is wrong.
Local time should simply be calculated as an offset from UTC. So instead
of changing the clock, change the time zone. Then it won't matter if the
time zone is changed to BST (for example) more than once. The clock and
the offset will stay the same.

Note to Microsoft - fix this stupidity in your next version of Windows.
It will annoy your users to begin with, but a number of time synch
issues will be solved in one fell swoop. All the three letter codes are
publicly available and understood by your end users.

-- 
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848
John.Airey@rnib.org.uk 
Even if Embryonic Stem Cell Research yielded medical treatments, how
could enough eggs be obtained to make them viable? We can't even get
enough organs for transplant donation.
-- 
DISCLAIMER:
NOTICE: The information contained in this email and any attachments is 
confidential and may be privileged.  If you are not the intended 
recipient you should not use, disclose, distribute or copy any of the 
content of it or of any attachment; you are requested to notify the 
sender immediately of your receipt of the email and then to delete it 
and any attachments from your system.
RNIB endeavours to ensure that emails and any attachments generated by
its staff are free from viruses or other contaminants.  However, it 
cannot accept any responsibility for any  such which are transmitted.
We therefore recommend you scan all attachments.
Please note that the statements and views expressed in this email and 
any attachments are those of the author and do not necessarily represent
those of RNIB.
RNIB Registered Charity Number: 226227
Website: http://www.rnib.org.uk
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Thierry Carrez: "[ GLSA 200410-24 ] MIT krb5: Insecure temporary file use in send-pr.sh"

Previous message: Thomas Biege: "[Full-Disclosure] SUSE Security Announcement: xpdf, gpdf, kpdf, pdftohtml, cups (SUSE-SA:2004:039)"
Maybe in reply to: Bernardo Santos Wernesback: "[Full-Disclosure] Windows Time Synchronization - Best Practices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

CMOS (non-volatile harware) clock sycronisation
... I have a number of Windows member servers in an AD forrest and in steady ... state w32time keeps there clocks approximately right. ... clock in sycronisation with the Windows clock. ...
(microsoft.public.windows.server.general)
Re: System clock synchronization
... Yes you can synchronize your computer clock with one of the many time ... servers as often as you like. ... I have Windows XP Home and have to make a change in the registry to ... can we cause the synchronization ...
(microsoft.public.windowsxp.basics)
Re: System clock synchronization
... - because the official NTP software examines the statistics of a number of ... servers to decide which is the best one to which to synchronise. ... and 1024s according to the PC clock state. ... everything from Windows NT 4 up to Windows 2003. ...
(borland.public.delphi.thirdpartytools.general)
Re: Linux is as buggy as Windows
... > gives his opinion and you attack him too. ... Not just Linux, so don't think I'm ... > and details what I've already suspected and stated countless times before- that Micro$oft is playing BigBrother at its Windows Update Sites. ... databases, spread-sheets, games, webservers, ftp servers, secure-shell ...
(comp.security.misc)
From Tracker....
... Remember, we're talking about Windows Platforms 95,98 ... provided with Cable/DSL dial-up accounts. ... Wrong IP no news. ... We aren't talking about News Servers here (at the ...
(comp.security.firewalls)