Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Questions about PC clock operations

from [Scott Ramsdell] Network Security [Permanent Link]
Subject: RE: Questions about PC clock operations
Date: Tue, 29 Aug 2006 13:25:25 -0400 
Ricci,

In a corporate environment you would typically deploy a network time
protocol server (NTP).  The NTP server either points to an external
reference NTP server, or to its own BIOS clock if corporate policy
prevents synching to an external time source.

Then, all *nix computers and all appliances, firewalls, IDS, routers,
etc. are pointed to the NTP server.  You would also specify the NTP
server as the time source in the appropriate reg key on your Windows
domain controllers.  Typically, the DC running the FSMO role for PDC
Emulator is also the NTP server.

When a Windows client logs in, it checks it's time against the DC, and
adjusts accordingly.  You can find the exact way a Windows client
adjusts itself on the Microsoft site, I know it's there somewhere as I
had to do this years ago.  The formula depends on how far out of
agreement the client is.

It is very important that all of your devices agree what time something
occurred on your network, and the NTP server is the way you do that.

Best Regards,
Scott Ramsdell

-----Original Message-----
From: ricci@cse.ust.hk [mailto:ricci@cse.ust.hk] 
Sent: Monday, August 28, 2006 5:05 PM
To: security-basics@securityfocus.com
Subject: Questions about PC clock operations

Hello All,

As you know time is a piece of information critical to digital forensics
investigation. However, as the paper in DFRWS 2006 pointed out, the PC
clock is not steady but drifting.

So can any one let me know how the PC clock operates? Is there any
difference between the time between Linux clock and Windows? Will the
operating system be affecting the clock?

Please advise.

Thx.

Ricci


------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Questions about PC clock operations, Robert D. Holtz - Lists
Next by Date:  Re: Procedure for staff leaving, krymson
Previous by Thread:  Re: Questions about PC clock operations, tony barry
Next by Thread:  Re: Questions about PC clock operations, Jim Mellander
Indexes:  [Date] [Thread] [Top] [All Lists]