The origins of the Idle Scan

The Idle scan was conceived in late 1998 by the creator of Hping, who discovered that IP packet ID fields increment predictably. This vulnerability allowed scanning using spoofed packets, making the scanner's real address invisible to scanned hosts. The attack was publicly announced on BUGTRAQ and became a classic network security technique.