·         Identify Target System OS with TTL and TCP Window Sizes using Wireshark

·         SMB Version scaning

Use Wireshark to identify the OS running on the target machine by looking at the Time To Live (TTL) and TCP window size in the IP header of the first packet in a TCP session. observe the TTL and TCP window size fields

From Windows box

A.      Open Wireshark – Click Ethernet interface to start capture

B.       Ping the target

C.      Analyze the REPLY packet from TARGET

https://www.netresec.com/?page=Blog&month=2011-11&post=Passive-OS-Fingerprinting

 

 

SMB Scanning – Using Metasploit

From Kali box

A.      https://www.offensive-security.com/metasploit-unleashed/port-scanning/