WEP or WPA what should I use for my WiFi networks connection
My understanding of wireless security protocol strength, starting with most secure:
- WPA2-AES
- WPA2-TKIP
- WPA
- WEP
Search for WEP cracking and you'll find plenty of tutorials on cracking it in 10 minutes on common PCs. WPA is significantly more difficult to crack, but each version has its weak points. WPA2-AES is considered top of the line last I heard and supported by pretty much all modern routers and OS's.
See these Security Now! past episodes for in-depth explanations:
- Episode 170, The TKIP Hack
- Episode 89, Even More Badly Broken WEP
WEP if you want to get hacked.
WPA if you don't.
use WPA2 or WPA
Here is furthere reading on this
Here are a few reasons why use WPA over WEP
WPA vs WEP
At this point there is no good reason to use WEP outside lessons on hacking. WPA is easier to use, safer, and standard on all clients that you'll encounter.
As long as all of your wireless client devices (phones, laptops, PDAs, etc.) support it, use WPA2 with AES encryption instead of WEP.
If you have users with old driver software, operating systems, and wireless cards, you may be limited in what you can do. Most devices that originally supported only WEP can be upgraded via software to support WPA with TKIP, but they may not be able to support WPA with AES or WPA2 with AES.
There are lots of old special-purpose devices out there that may only support WEP. For those legacy devices, you may want to create a separate SSID and VLAN along with super-strict firewall policies.
For personal use, WEP with a "closed network" (where the SSID is not broadcast in beacon frame) is enough to say "this isn't a public network" to keep your honest neighbors from hopping onto your network. It won't keep hackers out, but you are probably more vulnerable to the latest worm/virus than someone trying to hack into your home computer from within a few hundred feet of your house. :)
For office use, you should use WPA2-PSK+AES (pre-shared key) with a strong passphrase at the least. Ideally, you will be able to use "WPA2 Enterprise", which means that you use something more secure and manageable than a shared secret (your domain credentials, a smart card, one-time password, or client certificate) to get onto the network. This will require a RADIUS server and some kind of centralized authentication system.