Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Accurate time

Locked

We’ve recently installed a new firewall on our network and configured it to sync time with two different internet NTP sources. The firewall’s clock drifts up to one second when pulling time every 30 minutes. The vendor says this drift is normal, but that doesn’t sound right to me. How accurate does the law say time has to be if we ever tried to prosecute a hacker?

Topic

Reply To: Accurate time

In reply to Accurate time

I could not find a specific answer. However, I can’t believe that being off by only a second during the time pull would make a difference in prosecution.

While possible unrelated; I did find this pdf document with good information on blocking rules and logging; with a snippit of information about rules for prosecution.
http://ezine.daemonnews.org/200407/daemonnews200407.pdf

Reply To: Accurate time

In reply to Accurate time

boss , why don’t you decrease the sync period . That is make the sync more frequently . You know where to reconfigure that ?

Reply To: Accurate time

In reply to Accurate time

The most important thing for your logs is that they are internally consistent both within a computer and across multiple machines. Drift is not a major problem (and expected in most systems).

If your environment has a very rigorous security requirement (not just a regular office), you can purchase an external clock device to provide a common, accurate clock that you can use across all of your computers.

Also, the source of a lot of the drift is AC power cycle variations. Going to DC power will likely keep the clock more accurate… though your milage may vary based on the design of the devices.

[Author]

Replies