[ntp:questions] Re: Audit program for scanning hosts for local time accuracy.
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Jan 25 16:18:53 UTC 2006
> Richard B. Gilbert wrote:
>> I don't see how authentication enters into it! Authentication
>> requires configuring each host with keys that enable it to verify its
>> own identity to others or verify the identity of others. Any system
>> running ntpd should reply, when properly queried, with the current
>> time. If you are going to use this time to set your own clock, you
>> may wish to use authentication to verify the identity of the server
>> you queried. If you simply want to know what time a system has, then
>> a simple query should return the time.
> I guess I didn't ask properly, maybe this is the wrong place.
> Maybe what I asked in my original posting was too broad to accomplish
> in one fell swoop. Let's break it down a little further. Let's say I
> have 500 Windows XP/2000 workstations. 200 are in a domain to which I
> am an admin, the other 300 are not domain joined but I have access to
> credentials. If I have proper *windows* authentication there should
> be a way to query the time on all these machines. Maybe not via
> (S)NTP but some windows mechanism. I'm specifically looking to find
> machines which are not syncing properly to my Time server or are not
> set at all.
>> RFC compliant SNTP clients are NOT supposed to act as servers.
>> Microsoft's implementation is broken in this regard so that any
>> Windows 2000 or XP system running W32TIME will tell you what it
>> thinks the time is. I don't believe that earlier versions of Windows
>> than W2K support this.
> My workstations should be configured to query an SNTP server via
> w32time but I can't find any daemon running that would tell me what
> its local time is. This is daytime TCP port 13 we're describing, right?
> Thanks for your help,
No, this is SNTP, port 123. Can you run ntpdate on your server? My
server is a Sun Ultra 10 running Solaris 8. Here's what I get when I
query this PC.
sunblok_$ ntpdate -ud 192.168.1.100
25 Jan 11:10:00 ntpdate: ntpdate 4.2.0 at 1.1161-r Mon Jan 2
21:53:02 EST 2006 (10)
Looking for host 192.168.1.100 and service ntp
host found : 192.168.1.100
192.168.1.100: Server dropped: strata too high
server 192.168.1.100, port 123
stratum 16, precision -6, leap 11, trust 000
refid [192.168.1.100], delay 0.04169, dispersion 0.00089
transmitted 4, in filter 4
reference time: c7820cef.10000000 Wed, Jan 25 2006 9:42:55.062
originate timestamp: c7822158.a8000000 Wed, Jan 25 2006 11:10:00.656
transmit timestamp: c7822158.8947e2b1 Wed, Jan 25 2006 11:10:00.536
filter delay: 0.04271 0.04172 0.04170 0.04169
0.00000 0.00000 0.00000 0.00000
filter offset: 0.122294 0.120959 0.120356 0.119775
0.000000 0.000000 0.000000 0.000000
delay 0.04169, dispersion 0.00089
25 Jan 11:10:00 ntpdate: no server suitable for synchronization found
This PC is not joined to a domain; it's a standalone in my home. It's
running Windoze XP SP 1 and W32TIME.
ntpdate tells us the offset and that its stratum is higher than that of
the server. I don't know if that delay figure is in seconds or
milliseconds. Either way it's satisfactory.
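
Added example, not part of the original post and not ntpdate's own code: the per-host check this thread is after, decoding one SNTP reply from port 123, computing offset and delay, and flagging a host that reports itself unsynchronized the way the leap 11 / stratum 16 output above does. The reply packet is constructed, and the function names and the 1-second threshold are assumptions.

```python
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from 1900-01-01 to 1970-01-01
T1 = 1138205400.0            # constructed client send time (Unix seconds)

def ntp_to_unix(sec, frac):
    """64-bit NTP timestamp (seconds, 2**-32 fraction) -> Unix seconds."""
    return sec - NTP_UNIX_DELTA + frac / 2**32

def unix_to_ntp(t):
    sec = int(t)
    return sec + NTP_UNIX_DELTA, int((t - sec) * 2**32)

def sample_reply(t1, leap=3, stratum=0, skew=0.125):
    """Constructed 48-byte server reply from a host whose clock is `skew` s fast."""
    t2 = t1 + 0.015625 + skew                  # one-way trip of 1/64 s
    head = struct.pack("!BBbb", leap << 6 | 3 << 3 | 4, stratum, 6, -6)
    body = struct.pack("!II4s", 0, 0, b"\0" * 4)   # root delay, dispersion, refid
    stamps = struct.pack("!8I", 0, 0, *unix_to_ntp(t1),
                         *unix_to_ntp(t2), *unix_to_ntp(t2))
    return head + body + stamps

def parse_reply(pkt, t1, t4):
    """Decode one reply; t1 and t4 are our own send and receive times."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    leap, mode, stratum = pkt[0] >> 6, pkt[0] & 0x7, pkt[1]
    if mode != 4:
        raise ValueError("not a server-mode reply")
    f = struct.unpack("!8I", pkt[16:48])       # reference, originate, receive, transmit
    t2, t3 = ntp_to_unix(f[4], f[5]), ntp_to_unix(f[6], f[7])
    return {
        "leap": leap, "stratum": stratum,
        "offset": ((t2 - t1) + (t3 - t4)) / 2,  # host clock minus ours, seconds
        "delay": (t4 - t1) - (t3 - t2),         # round trip, seconds
        # leap 3 (binary 11) is the alarm state; stratum 0 or >= 16 means no source
        "synchronized": leap != 3 and 0 < stratum < 16,
    }

def verdict(r, max_offset=1.0):
    """Classify a host for the audit report (threshold is an assumption)."""
    if not r["synchronized"]:
        return "unsynchronized"
    return "offset too large" if abs(r["offset"]) > max_offset else "ok"

if __name__ == "__main__":
    r = parse_reply(sample_reply(T1), T1, T1 + 0.03125)
    print(verdict(r), r)
```

In a live audit the packet would come from a UDP exchange with port 123 on each workstation, with t1 and t4 taken from the auditing machine's clock.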