I am not sure how passive you can make it.. but.. you can do the following:
1) Shut down the Computer Browser Service (set to disable). This will prevent the machine from trying to contact any other machines for browse lists of servers.
2) Disable NetBIOS over TCP/IP. This is done in the Network Settings for the TCP/IP protocol on the NICs. This will keep many of the NetBIOS standard broadcasts from occuring and being responded to.
3) Disable the Register IP in DNS on the TCP/IP settings on the NICs Network Properties.
4) At the command prompt type NET CONFIG SERVER /HIDDEN:YES. This will prevent any other kind of registration of the server or the services that are running on it.
5) Disable all IIS services like HTTPs (WEB), SMTP, NNTP, FTP, etc.
6) Disable SNMP if installed.
7) Disable the Windows Time service
8) Do NOT put the server in a domain.
9) Remove Terminal Services, DHCP Servers, DNS Servers, or any other service that the system might be hosting.
That is all I can think of off the top of my head. The system will still respond to a ping... but that is about it.
This was first published in October 2001