On Thu, 22 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in article <be2df938-09fa-48de-8b69-5eee7d8830d6@e23g2000prf.googlegroups.com>, Sonny wrote: NOTE: Posting from groups.google.com (or some web-forums) dramatically reduces the chance of your post being seen. Find a real news server. >We are in an ISP company. Hackers know how the DHCP works, and using >this knowledge they copy MAC addresses of legitimate clients to have >Internet connections. We want to know how to configure the DHCP to >assign IP addresses not just based only on MAC so only legitimate >clients can have access. >NNTP-Posting-Host: 203.84.191.122 [compton ~]$ host 203.84.191.122 Host not found. [compton ~]$ 1. While you are at it, get someone who knows how to configure the REQUIRED PTR records on your DNS server. 2. See RFC3118 (and RFC4030) 3118 Authentication for DHCP Messages. R. Droms, W. Arbaugh, Eds.. June 2001. (Format: TXT=35536 bytes) (Status: PROPOSED STANDARD) 4030 The Authentication Suboption for the Dynamic Host Configuration Protocol (DHCP) Relay Agent Option. M. Stapp, T. Lemon. March 2005. (Format: TXT=34332 bytes) (Status: PROPOSED STANDARD) 3. See that your terms and conditions have serious ramifications for fraud, and enforce them by using authentication for all services. Old guy