How to determine MAC Address of the actual physical network card -- not virtual network interfaces created by VPN's (.NET C#)

Background

I'm trying to get obtain a unique identifier out of a computer and want to be able to reliably return the same MAC address each time. Trust me I have my reasons for using MAC address and have read many posts about alternate unique id methods (and yes i've considered if they don't have any network cards).

Problem

The problem is in .NET i don't see anyway to tell whether a specific NetworkInterface is a physical hardware network card from something like a "Nortel IPSECSHM Adapter - Packet Scheduler Miniport" which get added when you connect to certain VPNs or WiFi networks.

I know how to get the Mac Addresses by using code similar to this:

    foreach (NetworkInterface nic in NetworkInterface.GetAllNetworkInterfaces())
    {
        log.Debug("NIC " + nic.OperationalStatus + " " + nic.NetworkInterfaceType + " " + nic.Speed + " " + nic.GetPhysicalAddress() + " " + nic.Description);
    }

Understandably there is no 100% way to make sure i'd be getting an internal network card but i'd like to pick the MAC address to return which for a given machine which is least likely to change. Independent of factors such as -- whether it's connected to wifi... gets connected via some type of tether connection... or they install some new vpn software which adds a new interface.

Strategies Considered

1) Choose the first interface that is "Up". This fails on my laptop because the "Packet Miniport" is always up. Additionally, if I tether my phone to my laptop this also shows up as the first card.

2) Choose the most appropriate type... This fails b/c basically everything shows up as "Ethernet" including WiFi Adapters and my iPHone tethering internet connection.

3) Pick the NIC which has an IP address. Fails for several reasons: 1) Network card might not be connected to LAN 2) There are multiple nics which might have IP Addresses.

4) Just send all MAC addresses... Problem is the list would change based on installed software and it'll be difficult to compare.

5) Pick the mac address with the fastest speed. I think this is probably my best bet. I think it's safe to say that the fastest interface is usually going to be the most permanent.

Alternatively, there may be some other way to detect physical cards in .NET or I'd consider invoking other API calls if you could recommend one that will provide different information.

Any other ideas?

To demonstrate here is the output of my sample code above when I have my iphone tethered:

DEBUG - NIC Down Ethernet 500000     0021E98BFBEF Apple Mobile Device Ethernet - Packet Scheduler Miniport
DEBUG - NIC Up   Ethernet 10000000   444553544200 Nortel IPSECSHM Adapter - Packet Scheduler Miniport
DEBUG - NIC Down Ethernet 54000000   00166FAC94C7 Intel(R) PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
DEBUG - NIC Down Ethernet 1000000000 0016D326E957 Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
DEBUG - NIC Up   Loopback 10000000  MS TCP Loopback interface

Without Iphone Connected:

DEBUG - NIC Up   Ethernet 10000000   444553544200 Nortel IPSECSHM Adapter - Packet Scheduler Miniport
DEBUG - NIC Down Ethernet 54000000   00166FAC94C7 Intel(R) PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
DEBUG - NIC Down Ethernet 1000000000 0016D326E957 Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
DEBUG - NIC Up   Loopback 10000000  MS TCP Loopback interface

Solution 1:

This is my method: it uses the fact that physical card is connected to PCI interface

ManagementObjectSearcher searcher = new ManagementObjectSearcher
    ("Select MACAddress,PNPDeviceID FROM Win32_NetworkAdapter WHERE MACAddress IS NOT NULL AND PNPDeviceID IS NOT NULL");
ManagementObjectCollection mObject = searcher.Get();

foreach (ManagementObject obj in mObject)
{
    string pnp = obj["PNPDeviceID"].ToString();
    if (pnp.Contains("PCI\\"))
    {
        string mac = obj["MACAddress"].ToString();
        mac = mac.Replace(":", string.Empty);
        return mac;
    }
}

Solution 2:

The first three bytes of the MAC address are a manufacturer ID. You could blacklist certain manufacturer IDs known to be unsuitable for your purposes, and ignore those interfaces.

Relying on the speed is not likely to be a good idea, because there's no reason why a VPN interface couldn't report itself as having gigabit speed.