------------ Client Id Must Match Hardware Address------
during my research to prevent mac spoofing on mikrotik hotspot package i found a good amount of data that can be used in layer 7
Dhcp client id : hardware type + mac address this value will not change if the hacker only spoofed a mac
router os dhcp does not match the client identifier with source mac plus hardware type and will give a lease to spoofed mac !
I Know DHCP servers can ignore the DHCP Client Identifiers but this can generate more security issues in a paid hotspot (Hotspot Billing)
the routeros dhcp will give an another lease if a hacker randomly generate client ids !! this can lead to alot of security risks if exploited
at least add an option in dhcp to match the values before giving a lease
where network administrators have the choice to activate this or not
thanks in advance