Implementing anti-abuse techniques on ISP networks....

Michael Dillon michael at
Thu Aug 7 19:22:28 UTC 1997

>For those scoring along at home, it's not easily possible with the
>RADIUS-based method I suggested, as the RADIUS server doesn't know
>the dynamic IP that will be assigned until it has already accepted
>the login.  Oh well.

Which RADIUS server are you referring to, there are many.

RADIUS servers can be hacked to do anything you like and a couple of years
ago I remember that at least one person had hacked there server to issue
static IP addresses from a dynamic pool managed by the RADIUS server rather
than allowing the terminal server to manage its own pool of addresses. This
sort of hack could be used in conjunction with special filter rules to
accomplish what you seek.

However, the specifics of this might best be discussed on portmaster-users.
Send your subscribe request to portmaster-users-request at

Michael Dillon                    voice: +1-415-482-2840
Senior Systems Architect            fax: +1-415-482-2844

"The People You Know.  The People You Trust."

More information about the NANOG mailing list