A bit more accurate way would be to use a remote OS fingerprinting utility such as Nmap or XProbe as they rely on the properties of IP packets sent out by the OS. These too can be spoofed, but it's much less likely than changing the string your webserver reports. One disadvantage is that because these are active fingerprinting utilities, their use may be reported as an "attack" on the network if the target host is behind an IDS like Snort, so you may want to be careful or get permission first.