The first step in finding vulnerabilities in a network would be to interview every system owner in your organization and find out as much about applications and processes as you can. This will help you to understand what devices are doing and why. Ask as many open-ended questions about the applications as you can. You will learn a lot during this process.

Once you are done with your interviewing and assessment, check and document each network device: clients, servers, routers, switches, etc. Get a copy of Visio and begin to map out the network and its relationship to the outside world. Document the patch levels of each server. Research the status of firewall/router software and find out if there are any known vulnerabilities in the running versions.

Find and document all voice and data circuits. Document these circuits in Visio and show any relationship to the data network.

At this point you can download or use some of the tools listed in some of the above posts to check for extraneous services. Without the data you have gathered through asking questions, you will second-guess those services that you find running on devices, attempt to stop those services you deem to be extraneous, and ruin the day's production and have to explain to your boss why you took the production/planning system down in the middle of the day.

Once you are done with this process, you have not only learned a lot about your infrastructure, you will have the knowledge you need to safely recognize extraneous services, and also identify vulnerabilities since now you know how things relate to one another.

This process is sooo valuable in learning your infrastructure from top to bottom and will help you to make very good decisions from a security standpoint.

Good Luck.
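
As an added example that is not part of the original post: one way to compare a service scan against the inventory gathered from owner interviews, so an unknown service becomes a question for its owner rather than something to stop. It assumes the scanner is nmap with grepable (`-oG`) output; the hosts, owners and scan lines are constructed sample data.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "host port proto service status owner")

# Constructed inventory from the interviews: (host, port, proto) -> (owner, purpose)
INVENTORY = {
    ("10.0.0.5", 22, "tcp"): ("infra team", "admin SSH"),
    ("10.0.0.5", 1433, "tcp"): ("planning dept", "production/planning database"),
    ("10.0.0.9", 80, "tcp"): ("web team", "intranet"),
}

# Constructed sample lines in nmap grepable (-oG) format
SCAN = """\
Host: 10.0.0.5 ()\tPorts: 22/open/tcp//ssh///, 1433/open/tcp//ms-sql-s///, 23/open/tcp//telnet///
Host: 10.0.0.9 ()\tPorts: 80/closed/tcp//http///, 8080/open/tcp//http-proxy///
"""

def parse_grepable(text):
    """Yield (host, port, proto, service) for every open port in -oG output."""
    for line in text.splitlines():
        m = re.match(r"Host:\s+(\S+).*?\tPorts:\s+([^\t]*)", line)
        if not m:
            continue  # status lines and comments carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            f = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(f) >= 5 and f[1] == "open":
                yield host, int(f[0]), f[2], f[4]

def classify(scan_text, inventory):
    """Label each open port as documented or ask-owner; list documented ports not seen."""
    seen, findings = set(), []
    for host, port, proto, svc in parse_grepable(scan_text):
        key = (host, port, proto)
        seen.add(key)
        if key in inventory:
            findings.append(Finding(host, port, proto, svc, "documented", inventory[key][0]))
        else:
            # Unknown is not the same as extraneous: route it to an owner first
            findings.append(Finding(host, port, proto, svc, "ask-owner", None))
    for key in sorted(set(inventory) - seen):
        findings.append(Finding(*key, "", "documented-not-seen", inventory[key][0]))
    return findings

if __name__ == "__main__":
    for f in classify(SCAN, INVENTORY):
        print(f)
```

The `documented-not-seen` rows are worth a follow-up too, since they mean either the map is stale or the service was down at scan time.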