In the network security world, nmap is the king for fingerprinting systems and services over the network. It can help identify the operating system (OS), type, and version of a network service, and vulnerabilities that might be present.
The problem with nmap is that it generates a lot of "noise" when it performs those activities because it has to send out packets to the system in question to learn more about it. Nmap is an example of an active fingerprinting tool.

There are less noisy alternatives to nmap that fall into the passive fingerprinting category. Instead of actively sending packets to a host and service, they passively analyze network traffic to identify unique characteristics for particular operating systems, client applications, and network services. Their strength is based on the breadth of their signature database, which is not always great. To date, the majority of free and open-source passive fingerprinting tools have focused on OS fingerprinting

The link for this article located at Dark Reading is no longer available.