Well you are saying to different things. ""First of all it's impossible for someone to just "scan" a hard drive without proper software and permission" You are slightly ambiguous here in that you scan a hard drive. Obviously there are many interpretations to this statement but I'll take it as accessing files stored on a hard drive over the network. This type of access does require some type of misconfiguration on the part of the user (And sometimes the OS developer) In reality, your friends statement is true. If I completely remove any and all protocols related to file sharing over a network then you won't be able to view them. Now your ambiguity extends further with this statement "But he insists, that no one can log on/get access/scan your hardrive". Now I would assume you are talking about access beyond and including simple file access. In reality, it does take the user misconfiguring something again or poor development. If you close all listening ports on a machine all that's left to attack is 1, the user with things like malicious pages/scripts/etc, or 2, attack the network stack itself. For the latter, good luck.