@dukechem
Last active August 5, 2020 21:02
How to have an older Windows PC (not on the internet) get the right date from a newer Windows PC that is on the internet. In this example, WinXP/7/8 uses psrdatesvc to get the date and time over a private, non-internet network, without NTP, from a Windows or Linux PC serving RFC 868 time (default port 37).
In the example scenario below, the "XP" box can also be Vista/Win7-8-8.1 (maybe even 10), 32 or 64 bit.
How to keep XP minimally on the network, but not on the internet, using the network only to update the time and push files via scp/sftp.
Both the old XP box and the server are kept safe by closing all ports on XP and allowing that XP computer to connect only to port 37 on an (RFC 868, aka "rdate") time-server. The device providing TIME service on port 37 should get its own time from the internet/intranet (by NTP, etc.).
(The time-server does not have to run a server OS: it can be almost any Linux device, or even a Windows PC.)
With all ports closed on XP, the time-server cannot infect XP. If XP is infected, such as by a USB key, the infection cannot spread over the network to the time-server (unless the time-server has a vulnerability known to the virus). Turn off SMB1 on the time-server (if Windows)!
On XP/7/8/8.1, rdatesvc.exe (= prdatesvc = PermaSoft Rdate service) safely keeps the system time and date correct by periodically reading them from port 37 on a specified time SerVeR, such as time.nist.gov, one of the few public time servers in 2020 still answering on port 37 (see https://tf.nist.gov/tf-cgi/servers.cgi). In our case, since the XP box is not on the internet, we can get the date/time from a local intranet PC.
Old XP PC only able to see RFC868 time SerVeR (rdate at port 37)

                  169.254.x.y (SerVeR)   Only port 37 needs to be open on the 169.254.x.y fixed IP
 ------           +----------+
|      |          |      |F  |
|  XP  |          |      |i  |
| all  +----------+ 37   |r  +------> WLAN providing correct time and date
| ports|          | is   |e  |        (usual networking, maybe even internet ;-)
|closed|          | only |W  |
|      |          | port |A  |
 ------           | open |L  |
                  |      |L  |
private un-routed +----------+
(ethernet cable)
from XP to Server
dukechem commented Mar 12, 2020

You can always test if something is listening at port 37
If on a client without rdate, you can still test what date/time you get from port 37 without running rdate. Below is a method using bash, nc, and xxd from section 4 of "Tiny NTP client" at https://seriot.ch/ntp.php and note I use time.nist.gov instead of ntp.metas.ch
On macOS: brew install rdate and/or brew install netcat, then rdate -p time.nist.gov; or, without rdate, you can still display the date:

$ date -r$((0x`echo|nc -w1 time.nist.gov 37|xxd -p`-64#23GDW0))
$ # or
$ date -r$((0x`echo|nc -w1 132.163.96.4 37|xxd -p`-64#23GDW0))
Wed Aug  5 16:52:48 EDT 2020

On linux or windows (see steps below showing how, on windows, to get git-bash and netcat with choco)

$ echo $((0x`echo|nc -w1 time.nist.gov 37|xxd -p`-64#23GDW0))
bash: nc: command not found
-2208988800
$ ###  (at this point install netcat so the "nc" command is available
$ echo $((0x`echo|nc -w1  37|xxd -p`-64#23GDW0))
1584038030
$ ### (ok, that is the correct number of seconds since the epoch. For human-readable use either date -d@ (gnu-date) or date -r (bsd-date)
$ date -d@$((0x`echo|nc -w1 time.nist.gov 37|xxd -p`-64#23GDW0))
Thu, Mar 12, 2020  2:36:00 PM
$ uname -a
MINGW64_NT-10.0-17763 

NOTE: The above was done on Windows using git-provided bash and xxd, and choco-provided nc (netcat). That is, as follows:

  1. install free choco from https://chocolatey.org as it says in GettingStarted, namely Start: powershell (admin) and paste in this one big line:
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
  2. Then just choco upgrade git and choco upgrade netcat. To get a bash shell (with $ prompt), right-click on any folder: Git Bash Here
    Or run from the command line: "C:\Program Files\Git\git-bash.exe"

For testing the rf868time.exe (Unixwiz.net RFC868rdate time service) on Windows, the right time/date is returned by rf868time.exe when queried from Mac/Linux using rdate <ip-of-windows> with the firewall off. For example, with the Windows PC at 169.254.169.254

-bash-4.1$ uname -a
Linux ...
-bash-4.1$ rdate 169.254.169.254
rdate: [169.254.169.254]   Thu Mar 12 15:17:09 2020

While rdate gets the correct date/time from the Windows PC, note that using the bash/nc/xxd line I get an error and the wrong date... I'll fix this posting when I figure out what is going on... maybe a byte-order (little-endian) thing? or maybe permissions on priv port???

$  date -d@$((0x`echo|nc -w1 localhost 37 | xxd -p`-64#23GDW0))
nc: Write error: Connection refused
Sun, Dec 31, 1899  7:00:00 PM
$  echo $((0x`echo|nc -w1 localhost 37 | xxd -p`-64#23GDW0))
nc: Write error: Connection refused
-2208988800
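
Added example (not part of the original gist or comment): a strict decoder for the 4-byte RFC 868 reply, so that an empty reply like the ones in the sessions above (which leave only the 1900 offset, -2208988800) is rejected instead of being turned into a date. RFC 868 is unauthenticated, so the decoder also refuses times below a floor; the function names and the `MIN_EPOCH` floor are assumptions made for this example.

```bash
# Added example: validate and decode an RFC 868 reply from its `xxd -p` hex dump.
# Function names and MIN_EPOCH are assumptions of this example, not from the gist.

RFC868_OFFSET=2208988800   # seconds from 1900-01-01 to 1970-01-01 (the page's 64#23GDW0)
MIN_EPOCH=1577836800       # assumed floor: 2020-01-01 00:00:00 UTC

# rfc868_decode HEX -> prints Unix epoch seconds
# returns 1 for a malformed or empty reply, 2 for an implausible time
rfc868_decode() {
    _hex=$1
    # A valid reply is exactly 4 bytes, i.e. 8 hex digits. An empty string is
    # what the pipeline yields when nc is missing or the connection is refused.
    case $_hex in
        ''|*[!0-9a-fA-F]*)
            echo "rfc868: empty or non-hex reply '$_hex'" >&2
            return 1 ;;
    esac
    if [ "${#_hex}" -ne 8 ]; then
        echo "rfc868: expected 8 hex digits, got ${#_hex}" >&2
        return 1
    fi
    # The field is big-endian, so the hex dump can be read as one number.
    _secs=$(( 0x$_hex - $RFC868_OFFSET ))
    if [ "$_secs" -lt "$MIN_EPOCH" ]; then
        echo "rfc868: implausible time $_secs, refusing to use it" >&2
        return 2
    fi
    echo "$_secs"
}

# rfc868_query HOST -> same nc/xxd pipeline as the page, with validation.
rfc868_query() {
    rfc868_decode "$(echo | nc -w1 "$1" 37 2>/dev/null | xxd -p)"
}

# Constructed sample replies (not captured traffic):
#   e214ff0e -> 1584038030, the epoch value shown in the session above
#   ""       -> nothing received (nc missing, or connection refused)
#   00000000 -> well-formed, but decodes to 1900-01-01
for sample in e214ff0e "" 00000000; do
    rfc868_decode "$sample" || echo "rejected (status $?)"
done
```

With a reachable server, `date -d@"$(rfc868_query 169.254.169.254)"` (GNU date) prints the time only when the reply passed both checks.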
