this post was submitted on 04 Mar 2026
7 points (100.0% liked)

Cybersecurity

9648 readers
214 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social
7
Weird server requests (lemmy.dbzer0.com)
submitted 15 hours ago by WrenHavoc@lemmy.dbzer0.com to c/cybersecurity@sh.itjust.works
7 comments fedilink hide all child comments
 

So I'm the server admin and web developer for my school's robotics team. I look through the servers access logs every once in a while just to check on things. I keep seeing requests that look like someone's scanning for vulns. But I'm seeing something I've never seen before. It looks like someone is sending requests in machine code and I have no idea why or what it would do???

here's the request:

"\x03\x00\x00\x13\x0E\xE0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x02\x00\x00\x00" 400 166 "-" "-"
you are viewing a single comment's thread
view the rest of the comments
[–] JRaccoon@discuss.tchncs.de 5 points 14 hours ago* (last edited 13 hours ago)

Probably just testing for some vulnerability. If you're current on patches, you can just disregard as background noice. If it really happens a lot, setting up something like Fail2ban would be useful.

Edit: A quick google search suggests it looks like a Windows Remote Desktop packet header. So something scanning the internet for machines with open RDP