[ntp:questions] Re: Audit program for scanning hosts for local time accuracy.

themeanies themeanies at nowhere.net
Wed Jan 25 15:11:27 UTC 2006


Richard B. Gilbert wrote:
> I don't see how authentication enters into it!  Authentication requires 
> configuring each host with keys that enable it to verify its own 
> identity to others or verify the identity of others.  Any system running 
> ntpd should reply, when properly queried, with the current time.   If 
> you are going to use this time to set your own clock, you may wish to 
> use authentication to verify the identity of the server you queried.  If 
> you simply want to know what time a system has, then a simple query 
> should return the time.

I guess I didn't ask properly, maybe this is the wrong place.

Maybe what I asked in my original posting was too broad to accomplish in 
one fell swoop.  Let's break it down a little further.  Lets say I have 
500 Windows XP/2000 workstations.  200 are in a domain to which I am an 
admin, the other 300 are not domain joined but I have access to 
credentials.  If I have proper *windows* authentication there should be 
a way to query the time on all these machines.  Maybe not via (S)NTP but 
some windows mechanism.  I'm specifically looking to find machines which 
are not syncing properly to my Time server or are not set at all.


> RFC compliant SNTP clients are NOT supposed to act as servers.  
> Microsoft's implementation is broken in this regard so that any Windows 
> 2000 or XP system running W32TIME will tell you what it thinks the time 
> is.  I don't believe that earlier versions of Windows than W2K support 
> this.

My workstations should be configured to query an SNTP server via w32time 
but I can't find any daemon running that would tell me what it's local 
time is.  This is daytime TCPport13 we're describing right?

Thanks for your help,
tM




More information about the questions mailing list