Win2000 inherits the network features of Win4.0 Workstation. A regular stand-alone user can get rid of network features and of many others as well, what I read, at least many messages are posted, and there’re special sites on that topic.
But for administering purpose, there must be default shares with full control for Administrator.
Anyway, you’re safe with the default shares, although they allow access (but no control) to users by supplying the entire filename and path (including the $).
The Internet security of your computer is another question.
The default share is not a hole, you can trust it, but don't assume that it will give you any idea of how 'secure' your computer is. First, figure out what exactly it is that you're 'securing'. Think about what it is that is secret, or what needs to be available to you, or must not be modified, etc. Then protect those things. Even portscans don't really give you an idea of how effectively you're protecting your information assets. From a more practical point of view, concentrate on good behavior; read the secure behavior guides at securityfocus for a better idea.
You can find many good ideas in books or sites on Protect Your Privacy on the Internet. Following these guidelines will protect you pretty well if you don't run any services. If you do run services, be sure that you understand them so that you can configure them to offer the least access possible while still performing their function; also stay up to date on patches to make sure that those measures are not circumvented.
Good luck.
<i>sticking feathers up your butt does not make you a chicken</i>
Facebook
Twitter
Instagram