If it’s cloud, what provider/tier?
Down in California, down in Mountain View, there is a wooded non-descript office park next to an ethnic Christian church–the sort of area that other cities would call “light industrial zone” and leave the trees out of.
In one of the buildings there, there are several rooms of with decorations of varying shades of orange. People come here to seek their fortune, eat with other like-minded individuals, and attempt to disrupt the world. Those are not the interesting rooms.
The interesting room is really more a closet, and it’s dark and whirring and slightly warm from all of the networking and electronics equipment that sits there quietly keeping the back office functioning.
In a small corner of that room, forgotten and forlorn, a small blue/grey cable snakes down from an equally-forgotten Ethernet port and into a hole in the drywall. It is joined by a sister extension cord, orange out of either convention or camoflauge and attached to a forgotten wall socket.
Through several studded metal two-by-fours these snake, foot after foot, meter after meter, and were one to follow them one would find they eventually ended in dark space, a hidden compartment with room only for the roaches and a medium-sized aquarium.
In that aquarium, there are a few large crustaceans, illuminated only by the blinking amber and green of the network switch and Raspberry Pi that serve to warm their tank. A dim red glow from the power splitter at the end of the cord attracts their food. Their antennae twitch in search of the errant cockroach, as they crouch in silent vigil over the Rails server running this site.
These are the first Lobsters.
Lobste.rs is a rails app. My guess is that it runs OpenBSD, given @jcs’s involvement in that project, and nmap thinks so too:
Starting Nmap 6.47 ( http://nmap.org ) at 2016-08-01 11:54 PDT
Nmap scan report for lobste.rs (188.8.131.52)
Host is up (0.019s latency).
PORT STATE SERVICE
80/tcp open http
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose|firewall
Running (JUST GUESSING): OpenBSD 5.X|4.X|3.X (99%), Genua OpenBSD 4.X (90%), FreeBSD 10.X (89%)
OS CPE: cpe:/o:openbsd:openbsd:5 cpe:/o:openbsd:openbsd:4 cpe:/o:openbsd:openbsd:3 cpe:/o:genua:openbsd:4 cpe:/o:freebsd:freebsd:10
Aggressive OS guesses: OpenBSD 5.0 - 5.4 (99%), OpenBSD 4.9 - 5.1 (95%), OpenBSD 5.0 - 5.5 (95%), OpenBSD 5.0 (94%), OpenBSD 4.1 - 4.3 (94%), OpenBSD 5.3 (94%), OpenBSD 4.9 (91%), OpenBSD 4.3 (91%), OpenBSD 4.4 - 4.5 (91%), OpenBSD 3.8 - 4.7 (90%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 10 hops
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 5.17 seconds
My guess is that it’s running something newer than openBSD 5.4, and that my copy of nmap is old. :)
The IP belongs to M5 Security, according to the ARIN records: https://whois.arin.net/rest/net/NET-207-158-15-0-1/pft?s=184.108.40.206
Finally, there’s a hosting company that offers dedicated OpenBSD hosting called M5 Internet Hosting: https://www.m5hosting.com, which I’m going to take a guess and say is where Lobste.rs runs.
Oh suuuuuure take all the fun and mystery out of it. :|
Your comment still was a great combo of ridicululous and captivating. Excellent use of indirection.
Also of interest:
$ curl -sv https://lobste.rs/s/jt34ml/what_kind_hardware_cloud_does_lobste_rs > /dev/null
* Trying 220.127.116.11...
* Connected to lobste.rs (18.104.22.168) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: lobste.rs
* Server certificate: Let's Encrypt Authority X3
* Server certificate: DST Root CA X3
> GET /s/jt34ml/what_kind_hardware_cloud_does_lobste_rs HTTP/1.1
> Host: lobste.rs
> User-Agent: curl/7.43.0
> Accept: */*
< HTTP/1.1 200 OK
< Date: Tue, 02 Aug 2016 03:26:42 GMT
< Content-Type: text/html; charset=utf-8
lobste.rs cert is from letsencrypt
They are only running on a single IP (22.214.171.124), which is in a /24 owned by M5 Computer Security according to whois.
M5 Computer Security M5-SECURITY-NETBLK-3 (NET-207-158-15-0-1) 126.96.36.199 - 188.8.131.52
update: oh missed that @apg pointed out the whois stuff already. womp womp.