After we know that the target machine is alive, we can then find out the operating system used by the target machine. This method is commonly known as Operating System (OS) fingerprinting. There are two methods of doing OS fingerprinting: active and passive.
In the active method, the tool sends network packets to the target machine and then determines the target's OS by analyzing the responses it receives. The advantage of this method is that the fingerprinting process is fast. However, the disadvantage is that the target machine may notice our attempt to get its operating system's information.
To overcome the active method's disadvantage, there is a passive method of OS fingerprinting. This method was pioneered by Michal Zalewski when he released a tool called p0f. The major advantage of passive OS fingerprinting is that it does the work while reducing the interaction between the testing machine and the target, greatly increasing the stealth...
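To make the passive approach concrete, the following added example (not from the original text and not p0f's own code) parses one already-captured TCP SYN and extracts the header fields a passive fingerprinter compares against its signatures, which is also what any host discloses to an observer on the path. The sample packet is constructed, and the TTL-to-OS hints and option labels are assumptions chosen for illustration.

```python
import struct

# Assumed coarse defaults, for illustration only; not a signature database.
TTL_HINT = {64: "Linux/BSD/macOS-style", 128: "Windows-style", 255: "network-device-style"}
OPT_NAMES = {2: "mss", 3: "ws", 4: "sok", 8: "ts"}  # labels chosen for this example

def build_sample_syn():
    """Constructed IPv4/TCP SYN (not a real capture), using documentation addresses."""
    opts = bytes([2, 4, 0x05, 0xB4, 4, 2, 8, 10, 0, 0, 0, 1, 0, 0, 0, 0, 1, 3, 3, 7])
    tcp = struct.pack("!HHIIBBHHH", 44321, 443, 1000, 0, 10 << 4, 0x02, 29200, 0, 0) + opts
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0x4000, 57, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    return ip + tcp

def syn_features(pkt):
    """Extract the fields a passive fingerprinter reads from an observed SYN."""
    ihl = (pkt[0] & 0x0F) * 4 if pkt else 0
    if len(pkt) < ihl + 20 or ihl < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not a complete IPv4/TCP header")
    flags_frag, ttl = struct.unpack("!HB", pkt[6:9])
    tcp = pkt[ihl:]
    offset, flags, window = struct.unpack("!BBH", tcp[12:16])
    if flags & 0x12 != 0x02:               # SYN set, ACK clear
        raise ValueError("not an initial SYN")
    end = min((offset >> 4) * 4, len(tcp))
    layout, mss, wscale, i = [], None, None, 20
    while i < end:
        kind = tcp[i]
        if kind == 0:                      # end of option list
            layout.append("eol")
            break
        if kind == 1:                      # single-byte NOP padding
            layout.append("nop")
            i += 1
            continue
        if i + 1 >= end or tcp[i + 1] < 2 or i + tcp[i + 1] > end:
            raise ValueError("malformed TCP option")
        size = tcp[i + 1]
        if kind == 2 and size == 4:
            mss = struct.unpack("!H", tcp[i + 2:i + 4])[0]
        elif kind == 3 and size == 3:
            wscale = tcp[i + 2]
        layout.append(OPT_NAMES.get(kind, "?%d" % kind))
        i += size
    # Assumption: the sender started from the next common default at or above the observed TTL.
    initial = next(t for t in (32, 64, 128, 255) if t >= ttl)
    return {"ttl": ttl, "initial_ttl": initial, "hops": initial - ttl,
            "df": bool(flags_frag & 0x4000), "window": window, "mss": mss, "wscale": wscale,
            "layout": ",".join(layout), "hint": TTL_HINT.get(initial, "unknown")}
```

Calling `syn_features(build_sample_syn())` returns the observed TTL, the estimated initial TTL and hop distance, the DF bit, window size, MSS, window scale and option order. No packet is sent to the observed host at any point.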