0) A quick session of google'fu can get you the answers you wish.
1) I was able to find some MS documents that suggest a blank admin password is possible.
2) I found a few references stating if FAT32 drives are used a few files can be removed to end up with a blank admin password (use a linux/dos boot disk to remove them etc).
If you don't have physical access to the box how can you ensure no password was set?P.S. Consider the hypothetical machine secured with only netbios port open and no other extra service running. Windows was just freshly installed with everything set to default and passwords left blank. You have no physical access to the box