Which technique captures traffic passively to infer the target's operating system without sending additional probes?

Capturing banners from traffic without actively probing relies on passively observing what the conversation already reveals. Banner grabbing is the practice of collecting identifying strings that services expose, such as version and sometimes the operating system, and doing this passively means you’re not sending any requests or probes—you’re just listening and extracting information from observed traffic. This approach fits the goal of inferring the target’s operating system without introducing additional probes. In contrast, active banner grabbing would require sending requests to provoke a banner, which goes against the passive constraint, and traffic analysis focuses on patterns and timing rather than explicit OS details from banners.