[ntp:questions] Re: Audit program for scanning hosts for local time accuracy.
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Jan 25 02:06:25 UTC 2006
themeanies wrote:
> Assuming proper authentication, does there exist a program to scan a
> network and display local time for all the hosts it finds? I seem to
> recall a program from long ago that would do this, but I have had no
> luck finding anything similar.
>
> Most of my clients are windows, but some are unix and of course there
> is all the cisco/network equipment.
>
> Thank,
> tM
I don't see how authentication enters into it! Authentication requires
configuring each host with keys that enable it to verify its own
identity to others or verify the identity of others. Any system running
ntpd should reply, when properly queried, with the current time. If
you are going to use this time to set your own clock, you may wish to
use authentication to verify the identity of the server you queried. If
you simply want to know what time a system has, then a simple query
should return the time.
RFC compliant SNTP clients are NOT supposed to act as servers.
Microsoft's implementation is broken in this regard so that any Windows
2000 or XP system running W32TIME will tell you what it thinks the time
is. I don't believe that earlier versions of Windows than W2K support this.
The ntpdate program (deprecated) will send a query and either set your
clock or tell you what it would have done to your clock had it been free
to do so. Use the command "ntpdate -ud". The -u tells it to use a
non-privileged port while the -d tells it to run in debug mode and just
tell you what it would have do to set the clock.
A fairly simple script can be written to query every address on a
network and report its results. Some audacious young scholar went so
far as to write a set of scripts to query every reachable NTP server for
both the time and the addresses of all its clients. He ran this six or
seven years ago to audit the entire world and did a statistical analysis
of his results. You can get the details here
<http://alumni.media.mit.edu/%7Enelson/research/ntp-survey99/html/>
Another scholar ran a similar audit this fall but has yet to report his
results, if any. Go
here <http://ntpsurvey.arauc.br/> for his web page.
More information about the questions
mailing list