Is vulnerabe the process of sending credentials to a NAS ?

Daniel Lopez danilogo1991 at
Fri Jan 22 17:22:48 CET 2016

Hello. I've got a doubt about the security in authentication process.
Suppose we have our Freeradius server configured to authenticate a certain
user via password (Cleartext-Password) and MAC address
(Calling-Station-Id). When this user tries to authenticate via a NAS
(wireless router), and sends it its credentials, is it possible that an
attacker could obtain those credentials by sniffing the comunication? And
then gain access by mac address spoofing?
And if so, How could this be avoided? How to protect this first step?
Thanks you very much.

More information about the Freeradius-Users mailing list