An attacker sends a UDP datagram having an assigned value to its internet
						identification field (ID) to a closed port on a target to observe the manner
						in which this bit is echoed back in the ICMP error message. The internet
						identification field (ID) is typically utilized for reassembling a
						fragmented packet. RFC791 and RFC815 discusses about IP datagrams,
						fragmentation and reassembly. Some operating systems or router firmware
						reverse the bit order of the ID field when echoing the IP Header portion of
						the original datagram within the ICMP error message. There are 3 behaviors
						that can be used to distinguish remote operating systems or firmware.1.The IP ID field is echoed back identically to the bit order of the
							ID field in the original IP header.2.The IP ID field is echoed back, but the byte order has been
							reversed.2.The IP ID field contains an incorrect or unexpected value.