The idle scan is a TCP port scan method that consists of sending spoofed packets to a computer to find out what services are available. This is accomplished by impersonating another computer whose network traffic is very slow or nonexistent. This could be an idle computer, called a "zombie".
IDLE/IPID header scan
Every IP packet on the Internet has a fragment identification number (IPID); an OS increases the IPID for each packet sent, thus, probing an IPID gives an attacker the number of packets sent after the last probe.
IPID increased by 2 will indicate an open port , 1 will indicate a closed port.
Nmap -sI <Zombie IP address> <target IP address> (P.315/299)
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Scryptic
Highly Voted 1 year, 8 months agoDaniel8660
Most Recent 6 months, 3 weeks agoANDRESCB1988
1 year, 9 months ago