What is a disadvantage of stateless packet filtering firewalls?

Stateless packet filtering firewalls operate by examining each packet in isolation without any regard for the state of a session or the context of the current communication. This lack of contextual awareness means they cannot track the relationships between packets that constitute a complete session. As a result, they are less effective in identifying and blocking certain types of attacks that rely on session context, such as TCP connection hijacking or complex multi-step attacks.

For example, if an attacker sends packets that seem valid on their own but are part of a malicious session, a stateless firewall may let them through without recognizing the overall malicious intent. This vulnerability leads to reduced security effectiveness compared to stateful firewalls, which monitor and remember the state of active connections, thereby providing more robust protection.

The other options highlight advantages of stateless packet filtering firewalls rather than disadvantages. For instance, they are known for their simplicity, making them easier to configure and manage. They also generally process packets faster since they do not maintain session states, which can be beneficial in high-throughput environments.