I do not know of any foolproof way to do this. The Nmap tool (http://www.insure.org) has an OS identification capability built in, but it is not perfect. In fact, if the computers are secured properly, it should be very difficult, if not impossible, to determine what operating system is being used, simply by outside observation. With Win2K, there may be a way that you can use the Active Directory along with the Certification Authority (CA) to set up a CA that will issue certificates to workstations on your network. You could then limit logins to only machines that have a valid certificate from your CA. It has been a while since I've used Win2K, so perhaps one of our readers could test this solution and verify that it could work or not.
For more information on this topic, visit these other SearchSecurity resources:
Best Web Links: Infrastructure and Network Security
Best Web Links: Securing Microsoft Applications
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.