[PEN-TEST] Pen Testing Win2K

[H Carvey <keydet89 () YAHOO COM>]

What are everyone's favorite techniques for pen-
testing or penetrating Win2K?  

What are the things you look for, and what are the 
things you do to exploit those vulnerabilities?

I'm trying to compile a list...I'm very familiar w/ NT, but 
I now have network security responsibilities for 
Win2K, IIS5, and Exchange 2000.  I know about 
researching vulnerabiliities and exploits...but I've 
already seen things here in this list that really aren't 
readily available via some of the popular sites.

DoS attacks, particularly those that lead to admin 
access, of Win2K, IIS5 or Exchange 2000 are 
appreciated.

Carv