Accuracy: 88.9%
Cyber Command: We lost the weather forecast. Analyze this packet capture and help us out.
Q1 (10 pts) - What is the IP address of the DNS resolver that is used?
8.8.8.8
Q2 (10 pts) - What is the IP address of the client requesting the weather report?
192.168.137.11
Q3 (10 pts) - What is the IP address of the server providing the weather report?
96.8.81.129
Q4 (10 pts) - What zip code was the weather report for?
94087
Q5 (10 pts) - What time is sunset on the day the weather report was generated?
5:28 PM
Q6 (10 pts) - What is the high temperature for the upcoming Monday on the forecast?
59°F
Q7 (10 pts) - What is the chance of rain on the first Sunday night in the forecast?
60%
Q8 (15 pts) - What is the model number of the handheld device used to request the weather forecast?
SGH-T959
Opened the PCAP in Wireshark. Located the HTTP weather response and followed the TCP stream to read the plaintext data, which contained all the forecast details and device info.
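
The same reading of a followed TCP stream can be scripted. This is an added example, not part of the original writeup: it assumes the device info appears in an Android-style User-Agent header (model name before " Build/"), and the host, path and "zip" parameter name in the sample are constructed placeholders, not values from the challenge capture.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample of the text "Follow TCP Stream" displays. Host, path and
# the "zip" parameter name are placeholders, not taken from the capture.
SAMPLE_STREAM = (
    "GET /forecast?zip=94087 HTTP/1.1\r\n"
    "Host: weather.example\r\n"
    "User-Agent: Mozilla/5.0 (Linux; U; Android 2.2; en-us; SGH-T959 Build/FROYO) "
    "AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1\r\n"
    "Accept: text/html\r\n"
    "\r\n"
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>Sunset: 5:28 PM</html>"
)

def parse_request(stream):
    """Split the first request in the stream into method, target and headers."""
    head, _, _ = stream.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines with no colon
            headers[name.strip().lower()] = value.strip()
    return method, target, headers

def device_model(user_agent):
    """Return the token before ' Build/' in an Android-style UA, else None."""
    m = re.search(r";\s*([^;()]+?)\s+Build/", user_agent)
    return m.group(1) if m else None

def summarize(stream):
    """Collect the fields the questions ask about from one plaintext stream."""
    _method, target, headers = parse_request(stream)
    query = parse_qs(urlsplit(target).query)
    return {
        "host": headers.get("host"),
        "query": {k: v[0] for k, v in query.items()},
        "model": device_model(headers.get("user-agent", "")),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_STREAM))
```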