Vulnerability Development mailing list archives

Re: Windows XP RC2

From: Dimitry Andric <dim () xs4all nl>
Date: Wed, 22 Aug 2001 17:24:46 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2001-08-20 at 12:36:41 Dino wrote:

D> Well I am not sure if you would consider this a bug, incident, monitoring or
D> a feature, but in Windows XP RC2 that we loaded this weekend
D> I noticed that M$ has Network Time Client built to keep correct time.

This service is nothing new. It's not only included in Windows XP, but
also in Windows 2000, and it's simply called the "Windows Time"
service. According to Microsoft:

"The Windows Time Synchronization service (W32Time) is a fully
compliant implementation of the Simple Network Time Protocol (SNTP) as
detailed in IETF RFC 1769."

Some Microsoft KB articles about the service:

Q224799: Basic Operation of the Windows Time Service
http://support.microsoft.com/support/kb/articles/Q224/7/99.ASP

Q216734: How to Configure an Authoritative Time Server in Windows 2000
http://support.microsoft.com/support/kb/articles/Q216/7/34.ASP

Q223184: Registry Entries for the W32Time Service
http://support.microsoft.com/support/kb/articles/Q223/1/84.ASP

If the Windows machine is part of a domain (old NT or AD), the time is
synchronized with a domain controller, otherwise the time.windows.com
server is simply the default SNTP server used.

You can disable the Windows Time service from the Services MMC snapin,
or set the preferred SNTP server(s) to something different, running
the following from a command prompt:

  net time /setsntp:"sntp1.example.com sntp2.example.com"

These servers will then turn up (delimited by spaces) in the string
value "ntpserver" under the registry key:

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

You can check what the service is doing by checking the Event Viewer,
or running the following from a command prompt:

  w32tm -v


D> This is good so that we do not have to grab a 3rd party app and install it,
D> but what is disturbing is take a guess as to what the "default" Time Server
D> that gets used???

D> time.windows.com  !!!

Conspiracy theories aside, it's quite nice of Microsoft to provide
their own SNTP server to be bashed upon by hordes of Windows clients.

Cheers,
- --
Dimitry Andric <dim () xs4all nl>
PGP Key: http://www.xs4all.nl/~dim/dim.asc
Fingerprint: 7AB462D2CE35FC6D42394FCDB05EA30A2E2096A3

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5i
Comment: http://www.gn.apc.org/duncan/stoa_cover.htm

iQA/AwUBO4PAtrBeowouIJajEQLGdQCgmgdO6QdwhU3+XRzd4pMumL3X9RgAn1mk
xK5cxnZqlRRsVQDtVAxj6701
=DSpC
-----END PGP SIGNATURE-----

Current thread:

Re: Windows XP RC2, (continued)
- - Re: Windows XP RC2 Gregory McCann (Aug 20)
  - Re: Windows XP RC2 Dino (Aug 21)
    - Re: Windows XP RC2 Blue Boar (Aug 21)
    - Re: Windows XP RC2 Gregory McCann (Aug 21)
    - Re: Windows XP RC2 herrold (Aug 21)
    - Re: Windows XP RC2 Michel Arboi (Aug 21)
- Re: Windows XP RC2 Dennis McHenry (Aug 20)
  - RE: Windows XP RC2 Dom De Vitto (Aug 21)
    - Re: Windows XP RC2 Jason Legate (Aug 21)
- Re: Windows XP RC2 Christopher McCrory (Aug 21)
- Re: Windows XP RC2 Dimitry Andric (Aug 22)
- RE: Windows XP RC2 Petruzel, Oliver (Aug 20)
- Re: Windows XP RC2 fintler (Aug 23)