For task 0, you are given a network traffic capture and asked to determine the attacker’s listening post, which is the attacker’s server. This is just a warm-up task, since there are only 2 IPs, and


From the task we know we are looking for a server that is waiting for connections, and does not initiate them. This means that is the IP and port of the attacker’s server, since connects to it, as seen by it sending the SYN packet.