Passive Fingerprinting is a method to learn more about the enemy, without them knowing it. Specifically, you can determine the operating system and other characteristics of the remote host using nothing more then sniffer traces. Though not 100% accurate, you can get surprisingly good results by looking at the TTL, TOS, Window Size, and DF bit. Includes information on changing your machines fingerprint on Linux and Solaris.
You can download it from the following link: https://packetstormsecurity.com/files/download/17729/finger.htm
Source: https://packetstormsecurity.com/files/17729/finger.htm.html