Hello Friends,

I have one Scenario,which i put here,

We have runing ISP.we maintain near about 350 client.
and we have software like every client should have login page to access our net.
so every client should login before they used net.

now i face some problem here,

we have ip rang like 10.0.9.10 to 10.0.9.255

we store all user IP add and Adapter add(like Lan card H/W numbar)
in our database.and all r uniq.

now here spposed their one client called ABC
and his Pc's IP Add something like 10.0.9.50
and Adapter add is:00-00-20-d3-90-b5

and their more client call XYZ
and his IP add like :10.0.9.60
and Adapter add is :00:C1:26:05A:BC

when I give ABC's IP Add(10.0.9.50) (with out Adapter number)in XYZ PC's,after
reboot when i access net it's working ,
How it can be possible,
and it's didn't give any error messages. on XYZ's Pc.like "Invalide MAC Add"

Quest is:
!)how can sove this problem
2)is there any error in Scripting.?
3)or is there any Security Required in RHL Server

or i can't guess other problem,
so any one have any adia abt this.

I affriad how many users doing this.or using any one else IP(with out mac add) to access net.
so tell how can find rest of it also.

Help me.....

Hitesh

explain what for is this base (where it is used)?

the simplest way o force mac-ip correlation is to use netfilter (iptables) with mac & ip switches

Hi ,

As i had metion here we runing ISP, so we provide "internet connection" to our users. for that any new user's get connection ,we configuar one ip and mac add on users PC. and also store in our database. but when i give the same ip(only ip) to another users pc it's not asking mac add.???

and we are doing this for our secuirty perpsers.
"bec'z no one users can used other users ip with mac add."

is their any other sloution to secure this.
if it then let me know !!!

Hitesh

what does it mean? I understand that 'configure' means assign the ip to the user PC via dhcp or statically at user's PC. Is it correct?
but what is this base? your own one? explain it. i do not see the reasons what for is this base and why ip change should result asking for the new mac address (which program should do that?)
what does mean "i give"? in what way do you "give" the ip? (dhcp?)

I wrote the simple solution: use iptables filters. You can drop all the packet from the computer when ip and mac address doesn't match

HI,

here all Answer's:

1)we configuar one ip and mac add on users PC

----> means we assign an Ip and Mac add(Statically) for accessing Internet.this all ip and mac are uniq for all users.

2)and also store in our database
-----> Means We had created on Database In "Mysql" to store all users ip and mac.

and we have one software ,which check who's used net or who's off line. and wether any one try to used other's IP or not, for that Security we match users Ip and Mac add in out database.

if it's not configure or we didn't do that ,then any one used other's ip and try to access internet.

3)but when i give the same ip(only ip) to another users
-----> that's what i explained above,if i assign one users ip to other's users PC,with out assign(in other's users Pc)Mac add,
it's still working (access net).
i don't what to do !!

i hope ,now i had clear ur Quest !!,and now u can able to suggest some good sloution.

Thanx

Hitesh

So it's sort of like an ISP or a college where each user registers with you their MAC and you assign an IP to it.

Have you looked into turning off ARP and using only a static ARP table? That way even if someone "spoofs" an IP, if they did it with the wrong network card the replies would go to the owner's net card instead so the spoofer wouldn't see a thing. Now I have never implimented a static ARP table so I couldn't tell you how to do it but that sounds like a solution for your setup.