Results 1 to 8 of 8

Thread: Client Isolation

  1. #1
    Just burned his ISO
    Join Date
    Jan 2006
    Posts
    11

    Default Client Isolation

    Does anyone know about client isolation?? how can I bypass that??

    thanks!

  2. #2
    Just burned his ISO
    Join Date
    Apr 2006
    Posts
    3

    Default

    I'd like more info on this as well.

  3. #3
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    This has been addressed a few times already, so search the forum first please. Flexing that Google'Fu wouldn't hurt either as the first page that came up after running "bypassing client isolation" gave the exact information you're looking for.

    I will give you this though; hopefully it will give you at the very least an understanding of what CI actually is:

    Code:
     
    SSID Client Isolation prohibits wireless clients in the same subnet from
    communicating directly with each other and thereby bypassing the firewall



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  4. #4
    Just burned his ISO
    Join Date
    May 2008
    Posts
    24

    Default

    Hummm... it's very interesting. At Defcon Wireless network the same happens, you are unable to see any other laptop. Is it Client Isolation?

    I looked at google and couldn't find a way to bypass it. Appear all the rules to not broadcast packets to all users is made via MAC, like in a Switch. I'm, right?

    So maybe a kind of CAM table overflow can be possible? Or other MAC poisoning?

    thanks

  5. #5
    Just burned his ISO
    Join Date
    Jan 2006
    Posts
    11

    Default

    well, I know what CI means, and with juniper is just a check box to check!! buy how can I bypass that? how can I communicate with other client? I dont want the whole subnet, only one or two...

  6. #6
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    7

    Default

    Quote Originally Posted by Server View Post
    well, I know what CI means, and with juniper is just a check box to check!! buy how can I bypass that? how can I communicate with other client? I dont want the whole subnet, only one or two...
    You could uncheck the box.

  7. #7
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default

    arp poisoning?

  8. #8
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Default

    Alright, as there seems to be quite a bit of confusion regarding this, I give you what I know:

    Client Isolation is simply that. Each client is put on its own vlan and denied communication to the others. What does that mean? Well...two things really.

    A) You aren't going to be able to communicate with the other clients through conventional means, and the only way I've been able to bypass this function is by hacking the MACs of all clients to be communicated with onto the gateway's pass-through list.

    B) Sniffing is still a very real possibility. Just because the clients are isolated, doesn't mean that you can't actively sniff the network and capture all data being passed.

    Hope that clears some things up. There are a couple of other pieces of the puzzle of course but you are all intelligent people, I know you can figure it out....



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •