It does a similar thing as a NTP daemon, except that it does not track the time from many sources. Not only does this get confusing in log files, it may corrupt data in databases and processes relying on network synchronization.Ī much simpler option is using a NTP client. Three minutes later we log another line to our file, which will be suddenly 4:36:52 PM. Then our NTP daemon decides to change the time 10 minutes back in time.
For example: it is now 4:43:52 PM and we would log something to a file.
#Linux daemon sync software
This way other software on the systems doesn’t suddenly get confused. The process of time adjusting usually happens in small steps. When the NTP daemon sees some skewing again, it will adjust the time again. This way hardware clock, Linux kernel and NTP daemon have the same understanding of the time. When it knows with a certain guarantee what the time is, it will instruct the kernel to use this new time, and synchronize it usually also with the hardware clock.
This process is waiting to receive time from several trusted sources. For Linux is typically a running process, or daemon, with the name ntpd. Another risk is when the host system does not always give each client the same amount of time per CPU cycle, resulting in small variants in counting. There is a risk of “skewing” (getting out of sync) if the client system is not able to count the cycles correctly, e.g. When starting such a system, they get the right time of the host, and be able to maintain it correctly during uptime. Virtualized systems for example, may use the host system to get the right time. While this may sound as a guarantee of getting out of sync, it isn’t always the case. The first option “none” is obvious: there is no software installed on the system to maintain the time. Most Linux systems use the following options to synchronize time Then we can share the time with radio waves, so other systems can get synchronized. Instead of using digital components, they use the radiation of atomic particles. This makes it possible to synchronize our times to very precise clocks. Systems are nowadays connected to other networks. For other systems, they would be living in the past. If it went a little bit too quickly, you would be living in the future, according to your computer. But no device or component is 100% reliable, so your system time could slowly become “outdated”. This was done by using a hardware component, which is named the real-time clock (RTC). We relied in the past on the system itself, to maintain a time. Let’s have a look how things work and how we can troubleshoot when things don’t work. So having your Linux systems happily synchronized is a must.
For forensics, it might become very hard to reconstruct the steps occurred in a security incident. Database data and log files could be incorrect, resulting in data loss at worst. When your local clock is not correct, serious damage could happen. While you may not be an attacker, the system will refuse to work when it finds requests being from the past or future. This is because granted tickets have a built-in protection against timing attacks. If your system time is not correct, you may not be able to authenticate. One of the better examples is networks relying on the authentication protocol Kerberos. This changed with the interconnected world we are now living in. In the past, it was not really a big issue if your system was a few minutes off. We know this protocol by its shorter name NTP. The network time protocol helps computer systems to synchronize their time.