Shodan Stories Day 85: Hosting on Raspberry Pis in Arnstadt, CNAME Record Trails, and 'Home' Automation

Posted on Apr 4, 2019

There’s been a flurry of interesting recently shared searches on Shodan recently and I’m just catching up with them. Today I looked into one for Raspberry Pis running SSH that was just “port:22 “raspbian””. There are almost 100,000 results which I think goes to show just how popular these tiny computers are.

A Raspberry Pi on 178.12.106.221

I picked a result in Germany because I saw that in addition to SSH it was also running a webserver on 443. All that webserver was hosting though was the word “home”. The SSL certificate though had a bit more information. home.jedemenge-it.de does indeed resolve to our IP address. jedemenge-it.de is entirely different however, so I think that the home. is a CNAME.

👻🌵🔮 $ host jedemenge-it.de
jedemenge-it.de has address 95.143.172.176
jedemenge-it.de mail is handled by 1 lupus.uberspace.de.

jedemenge-it.de itself is someone’s personal website, almost certainly the owner of the Pi.

Looks like they do freelance web development and design. Pretty fun. And they are hosted by a company called UBER SPACE, which might be the best/worst webhost name I’ve seen.

See you tomorrow.