I just finished loading a Windows 2008 server running IIS yesterday,
Before you selected the web server role, how many ports did it have open?
Just as a reminder, you yourself said:
When you load windows, it's NOT secure, you have to load other stuff to make it secure.
Windows boxes? They come out of the install process wide open with a whole raft of dangerous services turned on.
If that's true, and if you have recent experience of it, you should have no trouble at all telling me what part of your initial Windows Server 2008 install was insecure. Which dangerous services were turned on? You did this just yesterday, this should be a breeze.
Look. I don't believe you. Nobody who works with Windows Server would say the OS is descended from Windows 3.1. It's not possible for that combination of expertise and ignorance to co-exist. You're lying to me about setting up a Windows Server. I'm not buying what you're selling, buddy.