Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept. Various types of inverse mapping are used in a wide range of mathematical applications.
2) In a computer network, inverse mapping is a stealth-approach network scanning method that gathers information about inactive IP addresses on a network to try to determine which IP addresses are associated with active hosts.
According to the Systems Administration and Network Security (SANS) Institute, typical firewall procedures can help the attacker to gain the information they seek. Typically, firewalls and routers do not respond to a ping response packet if the target address exists on the network, but respond with an ICMP (Internet Control Message Protocol) host unreachable signal if the target is not available. The absence of response allows the attacker to guess which IP addresses of a given address block map to live hosts.
Inverse mapping may be a widely-used attack technique. In November 1999, the SANS Institute noticed evidence in their router and firewall logs that they were receiving responses to ping requests in cases where no network machine had sent the request. When SANS made that information available to its membership, many members reported similar network activity.