[Winpcap-users] Failure to see broadband device
Guy Harris
guy at alum.mit.edu
Fri Apr 10 17:14:54 PDT 2009
On Apr 9, 2009, at 9:14 PM, Perry Kivolowitz wrote:
> I'm not following the part about opening the adapter for generic
> dialup
> and vpn capture. Could you share some more insight?
That adapter - at least if you're using NT 5.x rather than the NT 6.x
you're using - can be opened and captured on even if you don't have
any dialup or VPN connections. Those connections generally involve:
a "dialup" stage of some sort, which won't be captured on that
adapter (as it might be something it can't capture, such as AT
commands to the modem or PPPoE setup or VPN setup; the latter can
probably be captured on the Ethernet or Wi-Fi or... adapter over which
the PPPoE or VPN session is layered);
some initial PPP packets that are required in order to set up the
network adapter for the connection, e.g. packets to get the IP
addresses on both ends of the connection;
regular PPP traffic once the network adapter is set up.
If you make a PPP connection of some sort (dialup/PPPoE/VPN/etc.), a
new network adapter will appear for that connection, and you can
capture traffic on it. You can't capture traffic on it before it
exists, so the traffic in the second stage listed above can't be
captured on that adapter. If you capture on the "Adapter for generic
dialup and VPN capture", however, you can see that traffic.
Well, actually, *you* can't, because you're running on Vista. The
WinPcap support for dialup/VPN adapters works in NT 5.x (W2K/WXP/W2K3
Server), but not NT 6.x (Vista/W2K8 Server).
See
http://www.winpcap.org/misc/faq.htm#Q-5
for more information on this.
More information about the Winpcap-users
mailing list