[time-nuts] Setting Windows XP clock.

Esa Heikkinen tn1ajb at nic.fi
Sun Jul 13 05:37:20 EDT 2014


Hi!

At first, Windows XP supports SNTP protocol (so it can be synchronized 
with NTP server, but not with "millisecond" grade accuracy) and it uses 
time.windows.com as default server. Maybe Microsoft is closed that 
server or something, if it doesn't work anymore. However it's easy to 
change the NTP server, like Ed Palmer alrady described.

It's also possible to use local NTP server, I use Symmetricom/Datum 
TymServe 2100 to synchronize the system cloks for all Windows computers. 
Works fine and does not need connection outside local network.

Any Windows computer can also act as NTP server, if "millisecond" grade 
time is not needed. Registry change is needed to enable the Windows NTP 
server, Google if you want to do this. In addition, the system running 
as NTP server must also have working NTP client configuration so that it 
syncrhonizes itself. But remember, integrated Windows NTP is not very 
accurate, the time may have even more than ten seconds offsets.

> You do not want to have your XP box connected to the internet at all.
> This is not something that can be dealt with by any anti-virus software you
> are running.

I even have Windows 2000 computer having 24/7 internet connection. This 
is a server computer running 24/7, doing certain tasks. Windows 2000 
support is stopped many years ago and also there's not even anti-virus 
software compatible with Windows 2000 anymore. Sounds dangerous? Not 
necessary - there has not been any trouble ever...

The secret is that this (and all other computers) are behind NAT 
firewall so there's no direct access to this (or other) Windows 
computers. Second thing is (maybe most important), that this computer is 
NOT used for any web browsing or e-mails (which are most common way to 
infect any unprotected computer).

By the way, XP support is not fully stopped yet, there's still monthly 
malware removal updates coming. Last one happened just few days ago. We 
still use XP for work (with anti-virus software of course) and there's 
never been any problems with it. Any suspicious traffic from local 
network to the Internet will be noticed by network monitoring, but 
there's haven't been any. XP is safe, if it's behing network firewall.

One easy trick to keep any Windows computer safe is to use Jotti's 
Malware Scan service before running any new .exe files downloaded from 
Internet:

http://virusscan.jotti.org/

This is an easy-to use online service, where you can send files for 
scanning. It uses more than 20 anti-virus tools to scan the file and 
reports the results from each tool. If the file is infected, there will 
be many alerts, even when the anti-virus software installed in own 
computer doesn't give any alert.

Connecting any Windows computer directly to the Internet (without NAT or 
nework firewall) or DMZ is not recommended at all, even if it has most 
recent Windows version. There will be always new and undetected 
vulnerabilities. That's the reason why the Windows updates exists.

-- 
73s!
Esa
OH4KJU


More information about the time-nuts mailing list