Timing is everything...

Having the correct clock timestamp is very important for logging, maintenance, troubleshooting and even forensic analysis. Timing provides a very important frame of reference for network devices, such as hosts, routers and switches. It would be almost impossible to construct a reliable model of an environment without having a standard and accurate frame of reference, thus timing is everything...

The Hardening Cisco Routers book provides a good reference for Network Time Protocol (NTP) important, and can be found at http://oreilly.com/catalog/hardcisco/chapter/ch10.html. NTP is a very popular way to synchornise system clocks with a central trusted server. Here's a rough guide to getting NTP running on a Linux server;

  1. sudo yum install ntp # Install the NTP client
  2. sudo vi /etc/ntp.conf # Edit the configuration file to use the nearest server pool. Refer to www.ntp.org to get the pools.
  3. sudo mv /etc/localtime /etc/localtime~ # Backup the locatime file
  4. sudo ln -s /usr/share/zoneinfo// /etc/localtime # Ensure that the correct locatime file is set for your city
  5. sudo ntpdate # Set the date using NTP using the pool specified*
  6. sudo /etc/rc.d/init.d/ntp start # Start the NTP client daemon
  7. ntpstat # Check that the system clock is synchronised
  8. date # Check that the system date is set correctly
  9. sudo hwclock -w # Set the hardware clock to the system date
*Note: Ensure that the host allows traffic on port 123 for the NTP protocol to work.

No comments:

Post a Comment