Chatter on the Wire: A look at excessive network traffic and what it can mean to network security. This paper takes a look at past Active and Passive OS Fingerprinting tools and where to go with them in the future. It is primarily geared towards how to use passive OS identification to its greatest potential using every packet that flows across the network, not just tcp packets.
You can download it from the following link: https://packetstormsecurity.com/files/download/39158/OSFingerPrint.pdf
Source: https://packetstormsecurity.com/files/39158/OSFingerPrint.pdf.html