On Sep 9, 2008, at 3:24 PM, Gianluca Varenni wrote:
Short story: the wireless adapter is probably one of the two
"Microsoft"
ones.
As opposed to the "MS Tunnel Interface Driver"; *that* name goes back
to at least 2005:
http://thud.ethereal.com/lists/ethereal-users/200511/msg00119.html
i.e., long before Vista and the native Wi-Fi stuff. Google also found
http://www.pcreview.co.uk/forums/thread-223683.php
from which I infer that the "MS Tunnel Interface" might be for 6to4:
http://en.wikipedia.org/wiki/6to4
and/or Teredo:
http://en.wikipedia.org/wiki/Teredo_tunneling
and/or "Automatic" tunnelling:
http://msdn.microsoft.com/en-us/library/ms737544(VS.85).aspx
which all are for various forms of tunneling IPv6 through non-IPv6-
capable equipment/networks.
I.e., the "MS Tunnel Interface Driver" might have nothing to do with
Wi-Fi, and might appear on, for example, Ethernet-only machines.
Long story: starting from Vista, wireless drivers can be old style
(NDIS
5.x) working exactly like in Windows 2000/XP, or native Wifi drivers
(NDIS6). In this case the driver is lightweight and delivers 802.11
frames
to an intermediate driver (developed by MS) that converts 802.11
frames into
cooked 802.3 frames that can be managed by the upper protocols like
the
TCP/IP stack. This intermediate driver is also responsible for
managing
association/disassociation, BSSID scans and such. And this
intermediate
driver is also responsible for filtering the requests coming from
the upper
protocols (like WinPcap) for the underlying device description, and
always
returning "Microsoft" instead of e.g. "Intel Wireless 4965 Adapter".
I haven't looked if there is a possible workaround to the problem,
yet.
The problem being that you can't get the name of the adapter, so you
just have these two mysterious "Microsoft" adapters, one or more of
which might support capturing on Wi-Fi networks (possibly even in
promiscuous mode), and the names don't let the user know that they
correspond to the wireless adapter?