I found this the other day and have been tinkering around with it....
"Winfingerprint is capable of querying/enumerating information without any logon credentials via the Windows null session. Essentially, the null session is an unauthenticated connection to an NT machine used for anonymous information gathering (user lists, for example). While the availability of null sessions eases some administrative burden by providing services to tools like Explorer, null sessions are akin to the Unix "finger" service. They are an intruder's dream: access to users, shares and other potentially useful information, remotely and anonymously. While null sessions can be disabled using a registry hack (see "Locking Down Windows NT Server"), most organizations have not made these changes. "
Can be found here http://winfingerprint.sourceforge.net/
or here http://www.mirrors.wiretapped.net/se...infingerprint/
Anyway, I thought it might be handy...did I mention it's free?