ntpd when improperly set ..

[daemonfowl]

Hi !
let say that my clock is damaged and never keeps time .. or that I mischose time zone during installation or unset date or simply diabling ntp ..
my question is :
Does this have any impact on my system's security and/or reliability whether at the client or server level ?

Thanks very much.

[jggimi]

Quote:

Does this have any impact on my system's security and/or reliability whether at the client or server level ?

Setting the time-of-day incorrectly means to have the wrong timezone setting or being off by some minutes or hours. This can certainly confuse anyone reading logs that use timestamps -- especially when comparing logs from one machine, with another machine when conducting root cause analysis. When recovering data in filesystems by timestamp, this could introduce integrity problems -- using the wrong backup for recovery, as an example.

The only security issue I could think of with an incorrect timestamp are when security systems use timestamps as part of the operational schema. Kerberos tickets used for authentication and authorization are timestamped and require participating systems to keep clocks in sync within specific tolerances.

If a time-of-day clock is malfunctioning, this means that all timestamps are untrustworthy -- this means that timestamps in logs, file metadata, authentication and authorization systems will be adversely affected.

If a system clock (time-of-day, msec or sec counter) is malfuctioning it might possibley weaking an encryption schema that uses clocks for key management. Weakened semantic security will occur if multi-use keys are not replaced within appropriate traffic windows. I don't know if any implementations use clocks rather than message counters...but the possibility exists..

[bmk1st]

Cron jobs would be affected. You would not want them to run at improper time, such as backing up data at wrong time or running some scripts which affect performance of computers and impact users during a work day.

[ocicat]

Quote:

Originally Posted by bmk1st

Cron jobs would be affected.

Taking jggimi's & bmk1st's comments one step further, systems with incorrect time is one thing, but if the clock is erratic to the point of skipping, this could adversely cause maintenance cron(8) scripts to not run (since their scheduled time was missed...) at all.

[daemonfowl]

Jgimmi , bmk1st, Ocicat :
thank you so much !!!