Although less feasible, it is still possible to use IP IDs for the general profiling of IP activity. In fact, when the victim establishes an interactive session to a remote system, IP IDs can even be used to time keystrokes or similar actions, thus turning this technique into one of the previously discussed timing attack scenarios. Similarly, you can enhance user-racking capabilities by measuring the number of packets sent by a specific host between two subsequent visits to a monitored network.

You can also use TCP sequence numbers on certain systems to achieve the same functionality as IP ID analysis, depending on the ISN-generator design. I encourage you to explore this idea in more detail.

As for tracking down the source of an ...