Question

Assume that the firewall in question A) is a stateless firewall. Give an example of a packet that will be accepted by this firewall, but the same packet would be rejected if the firewall was stateful.

Answer 1

A stateless firewall does not take as much into consideration as stateful firewalls. Hence, they are less rigorous. For example, a stateless firewall will not be able to consider the overall pattern of incoming packets. Hence, a stateless firewall would accept such packets. However, it is required and important to block packets considering the overall pattern of incoming packets which could be useful and secure in terms of bocking larger attacks that happen beyond the individual packet level. Whereas a stateful firewall blocks packets considering the overall pattern of incoming packets, as stateful firewall blocks or allow packets depending on the full context of a given network connection. Hence, such packets would be rejected by a stateful firewall.

Stateless firewalls filter, allow, and block packets depending on the individual packets themselves and based on rules specifying certain match conditions. Stateless firewall filters packet deciding based on information in packet headers. Whereas, stateful firewalls filter packets deciding based on flows. The connection state is unknown in a stateless firewall, where it is known in stateful. Stateless is less secured than a stateful firewall. A stateless firewall only checks a packet's constant- header information, IP address, port number, etc. Whereas a stateful firewall keeps track of every packets' state information, pattern matching, etc. A stateless does not relate to connection stat but only treats each packet in isolation. Whereas a stateful maintains the full context about the current and active sessions.