Network Time Protocol allows distributed devices to synchronize timestamps, which is critical to effective log analysis because it allows audit personnel to establish accurate event sequences across multiple devices.
Installing NTP Server or Client on Debain linux is never easier:
apt-get install ntp
That's it, just edit the configuration file /etc/ntp.conf for both client and server.
Configuring NTP Server
- Use two to three servers for good accuracy. It's better to choose NTP servers near you in your country or your continent.
server 0.europe.pool.ntp.org
server 1.europe.pool.ntp.org
server 2.europe.pool.ntp.org
server 3.europe.pool.ntp.org
- If the server is going to provide time for other devices (PCs, Servers, Security and Network devices), you can define the networks that are allowed to synchronize with the NTP server.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
- Restart NTP for these settings to take effect using the following command:
/etc/init.d/ntp restart
-To check if the NTP server is synchronized with NTP servers in the configuration file, use the following command:
ntpq -p
- Hint: Public Internet Time Servers
- pool.ntp.org - This points to a random worldwide time server.
- europe.pool.ntp.org - This points to a random European time server.
- uk.pool.ntp.org - This points to a random United Kingdom based time server.
Configuring NTP Client
If you have linux machines to synchronize with the server, apply the following:
- Add your NTP server in the configuration file /etc/ntp.conf.
server 192.168.1.1
while 192.168.1.1 is your NTP server
- Restart the NTP service for settings to take effect:
/etc/init.d/ntp restart
No comments:
Post a Comment