Should I be using WEP?

[JVM]

I just switched ISPs and the new modem/router came setup for wireless. I have all my devices hard-wired so I disabled the wireless feature. There are options for security, WEP, WPA-PSK, WPA2-PSK, and WPA/WPA2-PSK.

As of now it is set at default for WPA/WPA2-PSK. Since I am not using wireless, shouldn't it be set to WEP?

[Hungry Man]

No. Use WPA2.

[Marja]

Quote:

As of now it is set at default for WPA/WPA2-PSK. Since I am not using wireless, shouldn't it be set to WEP?

You disabled wireless on your router, correct?
Now that your connections are only set to wired, you don't need wireless security (like WPA or WPA2).

Just use whatever security you usually use while wired.

If you decide to use wireless later, then you can use, at least, WPA2.
WEP is not really considered safe anymore on wireless connections.

HTH

[JVM]

Quote:

Originally Posted by Marja

You disabled wireless on your router, correct?
Now that your connections are only set to wired, you don't need wireless security (like WPA or WPA2).

Just use whatever security you usually use while wired.

If you decide to use wireless later, then you can use, at least, WPA2.
WEP is not really considered safe anymore on wireless connections.

HTH

Wireless is disabled and Security mode is WPA/WPA2-PSK by default. I called the company and was told WEP is also for wireless but not recommended. It was suggested I stay with the default setting, WPA/WPA2-PSK.

[JVM]

Quote:

Originally Posted by Hungry Man

No. Use WPA2.

I just set it to WPA2-PSK. Do you know why they would have an option for WPA/WPA2-PSK when WPA2 is stronger than WPA?

[JW Clements]

Quote:

Originally Posted by JVM

I just set it to WPA2-PSK. Do you know why they would have an option for WPA/WPA2-PSK when WPA2 is stronger than WPA?

It's there in case you have a device that's incapable of WPA2. These evolve over time, with new devices getting more secure, but old devices don't always evolve to match, they stay the same unless there's a firmware upgrade available.

[Dark Shadow]

Because some older wireless access points are not compatiable thats why you have choices for WEP - WPA -WPA2.

Ah JW beat me to it.

[Hungry Man]

You don't want PSK - just WPA2.

And they leave other versions for backwards compatibility.

[funkydude]

Quote:

Originally Posted by Hungry Man

You don't want PSK - just WPA2.

And they leave other versions for backwards compatibility.

There is WPA2 personal or enterprise, there is no "just WPA2".

And some routers don't support WPA2 Enterprise, only WPA2 PSK (Personal).

[Hungry Man]

Quote:

Originally Posted by funkydude

There is WPA2 personal or enterprise, there is no "just WPA2".

Yeah, got confused. I was thinking of TKIP + AES.

[JVM]

Thanks guys, you have been very helpful, much appreciated.

[SirDrexl]

Quote:

Originally Posted by JW Clements

It's there in case you have a device that's incapable of WPA2. These evolve over time, with new devices getting more secure, but old devices don't always evolve to match, they stay the same unless there's a firmware upgrade available.

Yeah, sometimes it's necessary if you have a device that has stayed on the market for years without being updated for stronger schemes. For example, the Nintendo DS (up to the Lite at least) would only work with WEP, and the Sony PSP (not the Vita) can't do better than WPA.

And even then, try to use it only temporarily to get what you need for the device. Outside of a hotspot, I'm not sure if I would play online games, as that would require a more or less persistent connection.

[JVM]

Quote:

Originally Posted by SirDrexl

Yeah, sometimes it's necessary if you have a device that has stayed on the market for years without being updated for stronger schemes. For example, the Nintendo DS (up to the Lite at least) would only work with WEP, and the Sony PSP (not the Vita) can't do better than WPA.

And even then, try to use it only temporarily to get what you need for the device. Outside of a hotspot, I'm not sure if I would play online games, as that would require a more or less persistent connection.

Why would playing online games be an issue?

It appears from what's been said that WPA/WPA2-PSK may be the best way to go. In case WPA2 is not supported, the router switches to WPA, so there is no compromise in security using WPA/WPA2-PSK. I assume the router will always use WPA2 and switch to WPA only if necessary?

[SirDrexl]

Quote:

Originally Posted by JVM

Why would playing online games be an issue?

Well, I wouldn't want my whole network to use WEP just so I can play Mario Kart or something online now and then. Although, some routers have a WPA and WPA2 mixed mode that could work for the PSP. I haven't seen that on mine though (Gargoyle OpenWRT firmware).

[JVM]

Quote:

Originally Posted by SirDrexl

Well, I wouldn't want my whole network to use WEP just so I can play Mario Kart or something online now and then. Although, some routers have a WPA and WPA2 mixed mode that could work for the PSP. I haven't seen that on mine though (Gargoyle OpenWRT firmware).

I wasn't thinking of Nintendo but rather online chess. I have it set to WPA/WPA2-PSK since it appears WPA2 would be used and WPA only if WPA2 wasn't compatible.

[Brian K]

JVM,

I'm confused. You said all your devices are hard wired and you have disabled wireless.

You don't need to use WEP or WPA2 as they are for wireless.

[Triple Helix]

Quote:

Originally Posted by JVM

I wasn't thinking of Nintendo but rather online chess. I have it set to WPA/WPA2-PSK since it appears WPA2 would be used and WPA only if WPA2 wasn't compatible.

Quote:

Originally Posted by Brian K

JVM,

I'm confused. You said all your devices are hard wired and you have disabled wireless.

You don't need to use WEP or WPA2 as they are for wireless.

Very True Brian! Here is my Wireless settings JVM I just removed my Pre-shared Key for the picture!

TH

[Marja]

Great, someone else noticed JVM said he disabled wireless!

It was getting real confusing to keep reading about which wireless
security he should use, when he wasn't even using wireless.

Thanks for posting Brian and Trip-
Good, so I'm not crazy - this time at least..

[Brian K]

Quote:

Originally Posted by Marja

It was getting real confusing to keep reading about which wireless
security he should use, when he wasn't even using wireless.

Marja,

You said this in Post #3 but no-one took any notice.

[JVM]

Quote:

Originally Posted by Brian K

JVM,

I'm confused. You said all your devices are hard wired and you have disabled wireless.

You don't need to use WEP or WPA2 as they are for wireless.

I switched ISPs and got this router/modem. I was looking at the router's settings and questioned what was set for security. I thought WEP was for wired connections and WPA for wireless. Eventually I read they are both for wireless. However, when I called my ISP and got level 2 tech support, and I told him I had wireless disabled, he never said it didn't matter because I was hard-wired.

[Bill_Bright]

Quote:

was told WEP is also for wireless

"Also" does not imply "will be" used. It is just another (and less secure) protocol.

But as noted, you are not using your WAP - wireless access point - which is a totally separate, discrete network device that just happens to share a box, circuit board and power supply as your router and likely a 4-port Ethernet switch too. And it sounds like your situation, your device also includes your modem. So you may have one box, but you need to remember it is an integrated device - really a 4-in-1 device, the router, WAP, switch and modem - 4 discrete network devices, in one box to cut costs - but still separate devices.

This is similar to home theater or stereo "receivers". The only reason is can be called a receiver is because it has, in same box, a radio (AM/FM) "tuner", but also the pre-amplifier section and the amplifier section. 3 audio devices - but all in one box - and must cheaper than separates.

You don't use wireless encryption technologies over Ethernet (wired) connections. You are not using wireless at all, so the default settings don't matter - AS LONG AS you have disabled the WAP in your device's configuration menu. If you have not disabled the WAP in the menu, then it is possible someone could still "see" your network. And if a hacker sees it (when driving around your neighborhood, or from an adjacent apartment), then he might try to hack it. So if not using wireless, disable it.

IF you wish to allow wireless access to your network (for guests, for example), then you can enable the WAP feature, but then you should use the highest encryption level your devices (guest's too) support - and hopefully that is not WEP, but WPA-2.

Quote:

I called the company and was told WEP is also for wireless but not recommended. It was suggested I stay with the default setting, WPA/WPA2-PSK.

I disabled the wireless feature.

I don't think "the company" understood you disabled the wireless feature either. They are right with their recommendation - if you are using wireless. But if the feature is disabled, the settings don't matter.

[JVM]

Quote:

Originally Posted by Bill_Bright

"Also" does not imply "will be" used. It is just another (and less secure) protocol.

But as noted, you are not using your WAP - wireless access point - which is a totally separate, discrete network device that just happens to share a box, circuit board and power supply as your router and likely a 4-port Ethernet switch too. And it sounds like your situation, your device also includes your modem. So you may have one box, but you need to remember it is an integrated device - really a 4-in-1 device, the router, WAP, switch and modem - 4 discrete network devices, in one box to cut costs - but still separate devices.

This is similar to home theater or stereo "receivers". The only reason is can be called a receiver is because it has, in same box, a radio (AM/FM) "tuner", but also the pre-amplifier section and the amplifier section. 3 audio devices - but all in one box - and must cheaper than separates.

You don't use wireless encryption technologies over Ethernet (wired) connections. You are not using wireless at all, so the default settings don't matter - AS LONG AS you have disabled the WAP in your device's configuration menu. If you have not disabled the WAP in the menu, then it is possible someone could still "see" your network. And if a hacker sees it (when driving around your neighborhood, or from an adjacent apartment), then he might try to hack it. So if not using wireless, disable it.

IF you wish to allow wireless access to your network (for guests, for example), then you can enable the WAP feature, but then you should use the highest encryption level your devices (guest's too) support - and hopefully that is not WEP, but WPA-2.

I don't think "the company" understood you disabled the wireless feature either. They are right with their recommendation - if you are using wireless. But if the feature is disabled, the settings don't matter.

The company understood I am using wireless, and I told him I disabled the wireless feature. I also told him I had everything hard-wired.

As I indicated earlier, it is a modem/router, which is two in one and has never been a problem for me. My previous ISP also provided me with a modem/router--all in one.

You say disable WAP but I don't know what that means. I do have wireless disabled, box is not checked anymore.

[Bill_Bright]

Quote:

The company understood I am using wireless, and I told him I disabled the wireless feature. I also told him I had everything hard-wired.

What? Did you mean to say the company understood you were NOT using wireless?

Quote:

You say disable WAP but I don't know what that means. I do have wireless disabled, box is not checked anymore.

WAP - or wireless access point - is the network device that provides wireless access. It can be a stand-alone device (in its own box with its own power supply) or integrated into a router, as in your case.

When you disable the WAP, you disable wireless access. So from here, it looks like you are good to go.

[SirDrexl]

Yes, even if you don't use wireless, you should still check to see if any network is enabled. For example, a DD-WRT firmware installation defaults with an open wireless network , so you have to disable it or change it to a secure network. I found out first hand when I noticed a couple of strange visitors on mine the next morning (thankfully, no damage had been done). I wasn't using wireless and didn't bother to check. I didn't even consider that it would leave an open network.

I guess the intent is to allow the router to be configured wirelessly. But, they stress updating the firmware with a wired connection, so why not leave wireless disabled by default and let the user configure wireless while he still has the wired connection?