This technique allows you to use another host on the network that is idle in order to perform a port scan to another host.The main advantage of this method is that it very stealthy because the firewall log files will record the IP address of the Zombie and not our IP.However in order to have proper results we must found hosts that are idle on the network.

As we can see from the above image the scanner has discovered that the IP addresses 192.168.1.67 and 192.168.1.69 are idle on the network and are potential candidates for use on an Idle Zombie Scan.In order to implement an Idle Zombie scan we need to use the command nmap -sI [Zombie IP] [Target IP]