Lonnie, or Tony Read This.. Security Idea


sploit
08-17-2003, 12:21 AM
Hi, this is for the developers of STAROS (And anybody interested)

I don't know if you guys have thought about this, but I thought of this idea one night, because I'm going through possible ways to stop hackers on the system.

Since you can control the programming side of how a client gets to connect, would you be able to make a toggle switch to check the connecting MAC address's user IP address against a DHCP table (or a separate MAC address/IP address list)?

So in short, what would happen is two possible things:

1) The user's MAC address is checked against the association list, and allowed to associate.

-- This is the next important part

2) If DHCP is ON on the server, it will check against the DHCP MAC address IP assignment. If the IP address of the client's machine (or router) is different than the DHCP assignment for that MAC address of the client, it will temporarily tarpit the client

or

2) Make it check against a separate list (you guys could script a MAC address/IP address list that would be something like MACADDRESS:IPADDRESS) and if they don't match, tarpit the client

3) It would be cool if you guys could show who is being tarpitted. Sometimes I type a MAC address wrong on a client, and when I can't figure out why they can't connect on site, it would be nice to hop on the router and figure out what I typed wrong. (And see who is trying to hack or change their IP)

Please?
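
Added example, not part of the original post and not StarOS code: a Python sketch of the check proposed above, using a list in the MACADDRESS:IPADDRESS form and reporting who gets tarpitted and why. All function names and sample addresses are hypothetical; splitting on the last colon and the one-digit "close to" hint for mistyped MACs are assumptions of this sketch.

```python
import ipaddress
import re

# Constructed sample binding list in the MACADDRESS:IPADDRESS form proposed above.
BINDINGS_TEXT = """\
00:0A:E6:11:22:33:10.0.0.21
00-0a-e6-44-55-66:10.0.0.22
000AE6778899:10.0.0.23
"""

def norm_mac(text):
    """Reduce colon, dash or dot MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[:\-.]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"bad MAC address: {text!r}")
    return digits

def load_bindings(text):
    """Parse MAC:IP lines, splitting on the LAST colon since the MAC may contain colons."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        mac, _, ip = line.rpartition(":")
        table[norm_mac(mac)] = ipaddress.IPv4Address(ip)
    return table

def check_client(table, mac, ip):
    """Return (allowed, reason) for one associated client."""
    mac = norm_mac(mac)
    if mac not in table:
        # Help spot typos: look for a listed MAC that differs by one hex digit.
        near = [m for m in table if sum(a != b for a, b in zip(m, mac)) == 1]
        return False, "unknown MAC" + (f", close to {near[0]}" if near else "")
    if table[mac] != ipaddress.IPv4Address(ip):
        return False, f"IP mismatch, assigned {table[mac]}"
    return True, "ok"

def tarpit_report(table, observed):
    """Map each offending (MAC, IP) pair to the reason it was tarpitted."""
    report = {}
    for mac, ip in observed:
        allowed, reason = check_client(table, mac, ip)
        if not allowed:
            report[(norm_mac(mac), ip)] = reason
    return report
```

Neither value is authenticated, so this is a consistency check on address pairs, not proof of client identity.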

lonnie
08-17-2003, 10:10 AM
The idea of checking for the proper IP is good. We will have to see about having radius verify they are using the assigned IP.

The tarpit list would be good. I have often wondered who was hung up.

Have you played with radius to see what it can do? If you wish to have the client use their dialer, you can use PPPoE, as it is very secure and it gives out the IP and bandwidth based on radius or default settings.