· Identify Target System OS with TTL and TCP Window Sizes using Wireshark
· SMB Version scaning
Use Wireshark to identify the OS running on the target machine by looking at the Time To Live (TTL) and TCP window size in the IP header of the first packet in a TCP session. observe the TTL and TCP window size fields
From Windows box
A. Open Wireshark – Click Ethernet interface to start capture
B. Ping the target
C. Analyze the REPLY packet from TARGET
https://www.netresec.com/?page=Blog&month=2011-11&post=Passive-OS-Fingerprinting
SMB Scanning – Using Metasploit
From Kali box
A. https://www.offensive-security.com/metasploit-unleashed/port-scanning/