A value that exists in all IP packets is an ID number. Depending on the system, this ID number might be generated randomly, might always be zeroed out, or might increment by one with each IP packet that is sent. If a host with incremental IPID sequencing is discovered and that host is not interacting with other networked systems, it can be used as a means to identify open ports on other systems. We can identify the IPID sequencing patterns of a remote system by sending a series of IP packets and analyzing the responses:
If we send two IP packets to an idle Windows system, we can examine the integer value of the ID ...