Re: GetAdaptersAddresses & Physical Vs. Virtual Adpaters

OK, it may not be a valid solution...

While the info is present there, it seems that VPNs get identical entries
that cannot be readily distinguished from physical network cards....

For example, on a test system with Cisco VPN, I have the key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}

Which contains 2 GUID sub-keys - neither of which contains values or
sub-keys that identify the "physical-ness" of the interface. One is for
Cisco VPN and one is for the physical NIC.

Below you will see the relevant parts of the "Network" branch from a sample
problem computer:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network]
"FilterClasses"=hex(7):73,00,[...]
"Config"=hex:00,00,[...]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\Connections]
"ClassManagers"=hex(7):7b,00,[...]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\SharedAccessConnection]
"EnableControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Network Adapters"
"Class"="Net"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"RAS Async Adapter"=hex(7):31,00,00,00,00,00
"WAN Miniport (L2TP)"=hex(7):31,00,00,00,00,00
"WAN Miniport (PPTP)"=hex(7):31,00,00,00,00,00
"WAN Miniport (PPPOE)"=hex(7):31,00,00,00,00,00
"Direct Parallel"=hex(7):31,00,00,00,00,00
"WAN Miniport (IP)"=hex(7):31,00,00,00,00,00
"Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper
RJ-45"=hex(7):31,\
00,00,00,00,00
"Deterministic Network Enhancer
Miniport"=hex(7):31,00,00,00,32,00,00,00,33,00,\
00,00,00,00
"Cisco Systems VPN Adapter"=hex(7):31,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{286DB490-9000-4340-961E-9BC8817BD6AB}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{286DB490-9000-4340-961E-9BC8817BD6AB}\Connection]
"PnpInstanceID"="PCI\\VEN_11AB&DEV_4320&SUBSYS_811A1043&REV_13\\4&2E98101C&0&28F0"
"MediaSubType"=dword:00000001
"Name"="Local Area Connection"
"ShowIcon"=dword:00000001
"IpCheckingEnabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E047D8E8-552A-4B16-913E-5C18501ACB67}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E047D8E8-552A-4B16-913E-5C18501ACB67}\Connection]
"PnpInstanceID"="ROOT\\NET\\0000"
"MediaSubType"=dword:00000001
"Name"="Local Area Connection 2"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="Network Client"
"Class"="NetClient"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="Network Service"
"Class"="NetService"



"Arkady Frenkel" wrote
OK, try to from driver's ( "Network adapters") registry: as you saw each
network card reg key have "ServiceName" sub key with GUID. That guid is
Key for network drivers, so search that GUID from
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{GUID}


.

Relevant Pages

  • Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
    ... This set of steps is redundant in many places, and it's also enormously expensive, since you're using no less than three different expensive bits of networking hardware (AP, PIX, VPN Concentrator), in addition to a bunch of x86 server hardware, windows server licenses, and at least one ISA license. ... Your computers necessarily don't have full access to your network infrastructure when they aren't logged on, so GPOs, software updates, etc can't be applied at the times you want them to be applied. ... Turning on, enabling, and implementing every possible security setting and device you think of is not defence in depth, and will probably only have two effects - your users won't use your wireless network, and you'll burn so much cash you won't have any left to spend on *useful* security measures. ...
    (Full-Disclosure)
  • TidBITS#792/15-Aug-05
    ... We also note the release of Security Update 2005-007, ... Macintosh FTP client, free for educational and charitable use. ... mentioned virtual private network (VPN) technologies. ...
    (comp.sys.mac.digest)
  • Re: Use Cisco VPN Client without Trashing WINDOWS/XP Wireless Network?
    ... I once had wireless home network troubles with my earlier version of Cisco VPN 3000 Client. ...
    (microsoft.public.windowsxp.network_web)
  • RE: VPN Error 800
    ... The VPN client IP is 10.0.1.40, this is a private IP address. ... server IP address is 81.137.105.244, this is a Internet IP address. ... not test VPN connection from your perimeter network. ... SBS on your switch to make it work. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN with SBS 2003 (not R2) and DSL.
    ... Reading property value for VPN returned OK ... Reading VPN Server Name returned OK ... identical network cards. ... it seems doubtful that SBS will work properly with two NICs ...
    (microsoft.public.windows.server.sbs)