explainx.ainewsletter3.4k
tag

intrusion-detection

6 indexed skills · max 10 per page

skills (6)

configuring-snort-ids-for-intrusion-detection

mukul975/Anthropic-Cybersecurity-Skills · configuring-snort-ids-for-intrusion-detection

0

Installs, configures, and tunes Snort 3 intrusion detection system to monitor network traffic for malicious activity using custom and community rulesets, preprocessors, and alert output plugins on authorized network segments.

implementing-canary-tokens-for-network-intrusion

mukul975/Anthropic-Cybersecurity-Skills · implementing-canary-tokens-for-network-intrusion

0

Deploys DNS, HTTP, and AWS API key canary tokens across network infrastructure to detect unauthorized access and lateral movement. Integrates with webhook alerting (Slack, Teams, email, generic HTTP) for real-time intrusion notifications. Provides automated token generation, placement strategies, and monitoring for enterprise network environments. Use when building deception-based network intrusion detection with Canarytokens.org and Thinkst Canary platforms.

configuring-host-based-intrusion-detection

mukul975/Anthropic-Cybersecurity-Skills · configuring-host-based-intrusion-detection

0

Configures host-based intrusion detection systems (HIDS) to monitor endpoint file integrity, system calls, and configuration changes for security violations. Use when deploying OSSEC, Wazuh, or AIDE for endpoint monitoring, building file integrity monitoring (FIM) policies, or meeting compliance requirements for change detection. Activates for requests involving HIDS configuration, file integrity monitoring, OSSEC/Wazuh deployment, or host-based detection.

analyzing-linux-audit-logs-for-intrusion

mukul975/Anthropic-Cybersecurity-Skills · analyzing-linux-audit-logs-for-intrusion

0

Uses the Linux Audit framework (auditd) with ausearch and aureport utilities to detect intrusion attempts, unauthorized access, privilege escalation, and suspicious system activity. Covers audit rule configuration, log querying, timeline reconstruction, and integration with SIEM platforms. Activates for requests involving auditd analysis, Linux audit log investigation, ausearch queries, aureport summaries, or host-based intrusion detection on Linux.

detecting-attacks-on-scada-systems

mukul975/Anthropic-Cybersecurity-Skills · detecting-attacks-on-scada-systems

0

This skill covers detecting cyber attacks targeting Supervisory Control and Data Acquisition (SCADA) systems including man-in-the-middle attacks on industrial protocols, unauthorized command injection into PLCs, HMI compromise, historian data manipulation, and denial-of-service against control system communications. It leverages OT-specific intrusion detection systems, industrial protocol anomaly detection, and process data analytics to identify attacks that traditional IT security tools miss.

implementing-file-integrity-monitoring-with-aide

mukul975/Anthropic-Cybersecurity-Skills · implementing-file-integrity-monitoring-with-aide

0

Configure AIDE (Advanced Intrusion Detection Environment) for file integrity monitoring including baseline creation, scheduled integrity checks, change detection, and alerting