Is SPI always better than NAT?


jkbull
11-13-2002, 03:48 PM
If I have a LAN which doesn't have any DMZ hosts, forwarding, etc. (i.e., has nothing visible to the Internet), why is SPI (Stateful Packet Inspection) helpful?

If I set up a router using NAT for the LAN with a non-existent DMZ host (e.g., set up 192.168.1.99 as DMZ host but don't use it as an IP address in my LAN), nothing from the Internet will come into my LAN except as a result of NAT allowing it in on a dynamic basis.

Is there some way an Internet cracker could "hijack" such a temporary connection?

I assume that SPI might incur a cost in throughput (although I haven't tested it), so wouldn't it be better to disable SPI under the circumstances I described above?

Greenstead
11-14-2002, 12:47 PM
NAT prevents uninvited connections from the internet. SPI seeks to prevent an established connection from being compromised by inspecting each packet. I believe the overhead for SPI is generally accommodated by higher spec processing. I don't think your dummy DMZ device will make any difference.

For a home user I think NAT is sufficient in most cases, but I would not disable SPI if it exists in the router. As the hackers' tools become more sophisticated, so the defences need to match.

There is some interesting reading here on SPI.
http://rr.sans.org/firewall/anatomy.php
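
To make concrete what SPI adds on top of the NAT mapping described above, here is an added toy model in Python (not from the post or the linked SANS article): a port-only NAT gate that passes anything arriving on a mapped port, beside a stateful gate that also requires the expected peer, a valid handshake and an in-window sequence number. Addresses, ports and sequence numbers are constructed sample values, and the port-only gate is a deliberate simplification; real routers differ in how strictly their NAT alone filters by peer address.

```python
from collections import namedtuple

# Constructed minimal TCP header view; flags: "S" = SYN, "SA" = SYN/ACK, "A" = ACK
Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port flags seq ack")

class NatOnlyGate:
    """Port-only NAT: anything arriving on a mapped external port is passed in."""
    def __init__(self):
        self.mappings = {}         # external port -> (LAN ip, LAN port)
    def outbound(self, pkt, ext_port):
        self.mappings[ext_port] = (pkt.src_ip, pkt.src_port)
    def inbound_ok(self, pkt):
        return pkt.dst_port in self.mappings

class SpiGate(NatOnlyGate):
    """Stateful inspection: peer, handshake state and sequence window must all match."""
    WINDOW = 65535                 # assumed receive window for the in-sequence check
    def __init__(self):
        super().__init__()
        self.flows = {}            # external port -> per-connection state
    def outbound(self, pkt, ext_port):
        super().outbound(pkt, ext_port)
        self.flows[ext_port] = {"peer": (pkt.dst_ip, pkt.dst_port),
                                "state": "SYN_SENT", "expect_ack": pkt.seq + 1}
    def inbound_ok(self, pkt):
        flow = self.flows.get(pkt.dst_port)
        if flow is None or (pkt.src_ip, pkt.src_port) != flow["peer"]:
            return False           # wrong peer: not the connection the LAN host opened
        if flow["state"] == "SYN_SENT":
            if pkt.flags != "SA" or pkt.ack != flow["expect_ack"]:
                return False       # only a matching SYN/ACK may complete the handshake
            flow["state"], flow["next_seq"] = "ESTABLISHED", pkt.seq + 1
            return True
        if "S" in pkt.flags:
            return False           # a fresh SYN has no place in an established flow
        return flow["next_seq"] <= pkt.seq < flow["next_seq"] + self.WINDOW

def demo():
    """Returns (syn/ack ok, spoofed-source ok, out-of-window ok) for each gate."""
    results = {}
    for name, gate in (("nat_only", NatOnlyGate()), ("spi", SpiGate())):
        gate.outbound(Packet("192.168.1.10", 40000, "203.0.113.5", 80, "S", 1000, 0), 50000)
        synack = Packet("203.0.113.5", 80, "198.51.100.1", 50000, "SA", 5000, 1001)
        spoofed = Packet("192.0.2.66", 80, "198.51.100.1", 50000, "A", 5001, 1001)
        stale = Packet("203.0.113.5", 80, "198.51.100.1", 50000, "A", 900000, 1001)
        results[name] = tuple(gate.inbound_ok(p) for p in (synack, spoofed, stale))
    return results
```

The NAT-only gate lets all three inbound packets through because the external port 50000 is mapped; the SPI gate accepts only the genuine SYN/ACK and drops both the packet from a different source address and the one whose sequence number is far outside the window.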

jkbull
11-14-2002, 04:39 PM
Thanks. :) The article was very helpful and interesting.

The reason I DMZ to a non-existent host is so that the IP address is "stealthed" - so it appears to the Internet that there is no computer at that IP address. (Except for the ports used dynamically by NAT.)

Greenstead
11-14-2002, 11:11 PM
With most NAT routers there is an option so you can stealth the WAN port to not respond to pings.