Task 2: To find strings that will be sent from terrorist to device
run 'client -h' to get commands then
run 'client --command DISARM' to get 25 4D 10 01 (as 625807361)
run 'client --command ARM' to get 25 4D 10 02 (as 625807362)
run 'client --command TRIGGER' to get 25 4D 10 03 (as 625807363)
(the above are straight translations from decimal to hex via calculator)

Open 'wireshark traffic.pcap'
From Edit -> Find Packet open a dialog box. Click Hex value
enter 01104d25 in the filter field (bytes in reverse)
Observe that the only frame that includes this string involves and

Now click the 'Filter' field and enter 'ip.addr =='
All the frames that show up involve and
Note that always sends the first syn so is likely
to be the terrorist. Clicking on all packets with
as the source eventually brings up 5.3-dev3863 (4th line down).

Hence the answers to the questions are:
IED at with id string 5.3-dev3863