StratumONE Time – Securing from NTP Reflection attack Clock Synchronization to a trusted time source

Having accurate time on a network is critical in today’s work environment irrespective of any industry. All the process within an organisation be it time attendance, CCTV, mails, network etc requires to be time stamped from an authoritative time source which is secure and which complies with local regulations and global standards.

Synchronized timing is vitally important when many systems work together in a network.  Services such as Logfiles, Correlation of Events, User Authentication Mechanisms, Job Scheduling e.g. for backups or Active Directories running on distributed platforms use accurate timestamps to record events in chronological order and to avoid conflicts with data replication. Without accurate time synchronization these services cannot operate.

As is true for other network services, time synchronization is exposed to numerous cyber vulnerabilities such as hacker attempts and security hazards. Spoofing or falsifying of time information may severely influence the operation of time-critical applications and degrade stability of networks.

To understand this better, we need to have a basic understanding of the function of UDP Port 123 which denotes specifically to time. Whenever we access the time from the Internet we need to open the UDP Port 123 which makes our network vulnerable to DDOS attacks and hacks. US CERT and CISCO too have already made a reference on the vulnerability.

Apart from this if some breach happens in the IT security landscape it won’t stand in the court of law as the time which if taken from Internet is not trusted. Internet time sources can also be unreliable in their precision or too far away to make any useful synchronisation.

Network Time Protocol is the key to keeping accurate time. It is a software algorithm that has been constantly developed for over two decades. NTP takes a single time source that is received by the NTP Server and distributes it across a network ensuring all machines in that network are running to exact same time.

While NTP can maintain synchronisation of a network to within a few milliseconds it is only as good as the time source it receives. A dedicated NTP Server will use a time signal from an external source and so keep the network secure as the firewall will not have to be disturbed.

One of the most preferred methods for most users of NTP servers is the GPS (Global Positioning System).

These time signals are UTC (Coordinated Universal Time) which is the world’s civil timescale. A NTP Server receiving time source from the GPS network can realistically provide accuracy to within a few milliseconds of UTC.

While UTC is freely available across the Internet it is neither accurate nor secure (being as it is external to your firewall). Also Internet time sources cannot be authenticated which is NTPs own method of ensuring a time source is what it says is.

The main advantage of using the signals transmitted from a GPS satellites onboard atomic clock is that a signal is available anywhere on the planet.

NTP Server

The NTP server is a tool for keeping computer networks synchronised. Computer networks are normally synchronised to the global timescale UTC (Co-ordinated Universal Time ) enabling them to communicate effectively with other networks also running UTC.

These devices have revolutionised the way we work and trade in the global market place ensuring that computer networks from across the globe are synchronised at the same time.

Endrun Technologies is one of the leading players in the GCC and UAE market with their flagship product the SONOMA D12.

But computer networks are not the only part of an organisation that requires to know the time, people too are constantly relying on the time and if a computer network is running reliable and accurate time then it makes sense that the workforce is too.

However, in many organisations it is common for the office wall clock to be several minutes behind or ahead of the NTP server which is why many office managers now insist that digital wall clocks are used that connect to a NTP Sever.

Digital / Analog wall Clocks can be used to display the correct UTC time in any location. These devices ensure that everybody in your organisation can be aware of the exact UTC time and that entire organisations can be synchronised to the exact same time.

Displaying hours, minutes and seconds these devices are easy to install and can be powered by Ethernet (POE)

TECHNICAL WEBINAR ON HOW TO MITIGATE NTP VULNERABILITIES

To attend a complimentary Webinar on “StratumONE Time – Securing from NTP Reflection attack” (Every Wednesday at 03:00PM (GST)) please visit

Please follow and like us:

Leave a Reply

Change Language »
error

Enjoy this blog? Please spread the word :)