I am doing a research on how someone can detect whether another machine is running Windows or Linux, if it runs inside a virutal machine, if it's behind NAT\proxy\VPN and what not. I saw some interesting tools like p0f, which does passive detection. Basically, I know there are implementation differences in TCP and other underlying protocols, not to mention application level stuff that exist on Windows and not Linux, but I can't find any, and worse still, I really do not know what terms to look for in Google.
Do you have links or tutorials explaining what to detect to differentiate Linux and Windows?