I have W2K Pro (Workstation) SP1 with IIS running on it if I ever need it. IIS5 is installed but I haven't yet configured anything or changed the default installation. Are there any security holes with it or its default installation. Because I recieved the following Web Server / OS sniff the other day (this is the entire logfile). Also, I changed the IP address because it appears to be one my parent company owns, (it's running HP-UX) and I have no control over how secure their network is.

I'm probably being too paranoid, they were probably just doing a security audit or something.

Thanks,
Josh


#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2001-04-24 23:12:12
#Fields: time c-ip cs-method cs-uri-stem sc-status
23:12:12 192.168.254.55 HEAD /iisstart.asp 200