I might have written about this before – not sure 🙂
At some point, I was having issues with Windows XP not keeping its time synced. Keeping all of the computers on the Internet agreeing on the precise time is very critical. It’s also a big problem. When the Internet was 30 computers in DARPA labs, they could coordinate with each other and average out what they thought the current time was, or even better, check with the US Government.
But when the Internet is probably a billion devices spread across the entire world, keeping everyone synced is a really big challenge. The basic tool for this is the Network Time Protocol (NTP). It is built around a layered onion – you might be 10 computers away from the one computer that is actually authoritative. For most people, that’s close enough.
But I noticed the Fedora 20 computer had drifted about 3 minutes away from the correct time – which is a problem, since I do things like generate the programs for the coming half hour based on it being in the last minute before the top/bottom of the hour. Doing that 3 minutes before it should happen can create confusion.
After following the advice to sync automatically, the ntpdate tool just came back and told me there were no servers available. I cleared the firewall (briefly) to make sure I didn’t have a block in place – no change.
I started poking around and developed the theory that Time Warner Cable might be blocking the NTP requests (on port 123). Some poking around suggests that’s exactly the problem. The reason was that they were the object of an attack a few months ago, streaming 400 Gbps of NTP traffic in a huge Distributed Denial of Service attack. The thinking is that the entire attack only required one server and a clever enemy. Something to keep in mind when picking fights with countries with large staffs of clever hackers working for the government. The Internet to a significant degree relies on good will and trust.
Here are details
This isn’t Heartbleed, but it’s kind of in the same league. The vulnerability is widespread, and keeping things quiet is part of the solution. I can’t find information – the logical way for TWC to handle this would be to maintain one NTP server on their network that syncs, then redirect all NTP requests to servers maintained by TWC. If they are doing that, I didn’t see evidence of it.
At least for now, that means I’ll have to manually fix the time by looking at my cell phone. Sheesh.
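
An added example, not part of the original post: a minimal SNTP probe in Python that separates the two cases described above, no reply at all on UDP port 123 versus a reply that shows the server's stratum and how far the local clock has drifted. The server name `pool.ntp.org` and all function names are assumptions chosen for illustration.

```python
import socket
import struct
import time

NTP_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)

def to_unix(secs, frac):
    """Convert a 32.32 fixed-point NTP timestamp to Unix seconds."""
    return secs - NTP_DELTA + frac / 2**32

def build_request(t1):
    """48-byte client packet: LI=0, VN=4, Mode=3, transmit timestamp = t1."""
    return struct.pack("!B39x2I", 0x23, int(t1) + NTP_DELTA, int((t1 % 1) * 2**32))

def parse_reply(data, t1, t4):
    """Return stratum, clock offset and round-trip delay from a server reply."""
    if len(data) < 48:
        raise ValueError("short NTP packet")
    if data[0] & 0x07 != 4:
        raise ValueError("not a server-mode reply")
    # Receive timestamp is bytes 32-39, transmit timestamp is bytes 40-47.
    rx_s, rx_f, tx_s, tx_f = struct.unpack("!4I", data[32:48])
    t2, t3 = to_unix(rx_s, rx_f), to_unix(tx_s, tx_f)
    return {
        "stratum": data[1],                     # 1 = primary server, higher = further away
        "offset": ((t2 - t1) + (t3 - t4)) / 2,  # positive: local clock is behind the server
        "delay": (t4 - t1) - (t3 - t2),         # network round trip in seconds
    }

def probe(server, timeout=3.0):
    """Query one server; None means no reply arrived (down or UDP/123 filtered)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        t1 = time.time()
        try:
            s.sendto(build_request(t1), (server, 123))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return None
        return parse_reply(data, t1, time.time())

if __name__ == "__main__":
    # pool.ntp.org is an assumed public server, not one named in the post.
    result = probe("pool.ntp.org")
    if result is None:
        print("no reply on UDP/123: server unreachable or traffic filtered")
    else:
        print("stratum %(stratum)d, offset %(offset)+.3f s, delay %(delay).3f s" % result)
```

A single timeout does not prove the ISP is filtering; repeating the probe against a second server or from a different network narrows down where the packets are being dropped.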