[](https://www.paloaltonetworks.com/?ts=markdown) * CN * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * 产品 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 产品 [人工智能驱动的网络安全平台](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [医疗物联网安全](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [企业 DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma 浏览器](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [应用安全](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [云运行时安全](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.cn/cortex/advanced-email-security?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.cn/cortex/exposure-management?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * 解决方案 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 解决方案 AI 安全 * [安全的人工智能生态系统](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [安全使用 GenAI](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) 网络安全 * [云网络安全](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [数据中心安全](https://www.paloaltonetworks.cn/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [入侵检测和防御](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-device-security?ts=markdown) * [5G 安全](https://www.paloaltonetworks.cn/network-security/5g-security?ts=markdown) * [确保所有应用、用户和位置的安全](https://www.paloaltonetworks.cn/sase/secure-users-data-apps-devices?ts=markdown) * [确保分支机构转型的安全](https://www.paloaltonetworks.cn/sase/secure-branch-transformation?ts=markdown) * [确保任何设备上的工作安全](https://www.paloaltonetworks.cn/sase/secure-work-on-any-device?ts=markdown) * [VPN 替代](https://www.paloaltonetworks.cn/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web 和网络钓鱼安全](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) 云安全 * [应用安全态势管理 (ASPM)](https://www.paloaltonetworks.cn/cortex/cloud/application-security-posture-management?ts=markdown) * [软件供应链安全](https://www.paloaltonetworks.cn/cortex/cloud/software-supply-chain-security?ts=markdown) * [代码安全](https://www.paloaltonetworks.cn/cortex/cloud/code-security?ts=markdown) * [云安全态势管理 (CSPM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-security-posture-management?ts=markdown) * [云基础架构权限管理 (CIEM)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [数据安全态势管理 (DSPM)](https://www.paloaltonetworks.cn/cortex/cloud/data-security-posture-management?ts=markdown) * [AI 安全态势管理 (AI-SPM)](https://www.paloaltonetworks.cn/cortex/cloud/ai-security-posture-management?ts=markdown) * [云检测与响应 (CDR)](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [云工作负载保护 (CWP)](https://www.paloaltonetworks.cn/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web 应用及 API 安全 (WAAS)](https://www.paloaltonetworks.cn/cortex/cloud/web-app-api-security?ts=markdown) 安全运营 * [云检测和响应](https://www.paloaltonetworks.cn/cortex/cloud-detection-and-response?ts=markdown) * [网络安全自动化](https://www.paloaltonetworks.cn/cortex/network-security-automation?ts=markdown) * [事件案例管理](https://www.paloaltonetworks.cn/cortex/incident-case-management?ts=markdown) * [SOC 自动化](https://www.paloaltonetworks.cn/cortex/security-operations-automation?ts=markdown) * [威胁情报管理](https://www.paloaltonetworks.cn/cortex/threat-intel-management?ts=markdown) * [托管的检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [攻击面管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [合规性管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/compliance-management?ts=markdown) * [互联网运营管理](https://www.paloaltonetworks.cn/cortex/cortex-xpanse/internet-operations-management?ts=markdown) 端点安全 * [端点防护](https://www.paloaltonetworks.cn/cortex/endpoint-protection?ts=markdown) * [扩展的检测和响应](https://www.paloaltonetworks.cn/cortex/detection-and-response?ts=markdown) * [勒索软件防护](https://www.paloaltonetworks.cn/cortex/ransomware-protection?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/cortex/digital-forensics?ts=markdown) [行业](https://www.paloaltonetworks.cn/industry?ts=markdown) * [公共部门](https://www.paloaltonetworks.com/industry/public-sector) * [金融服务](https://www.paloaltonetworks.com/industry/financial-services) * [制造](https://www.paloaltonetworks.com/industry/manufacturing) * [医疗保健](https://www.paloaltonetworks.com/industry/healthcare) * [中小型企业解决方案](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio) * 服务 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 服务 [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [AI 安全评估](https://www.paloaltonetworks.cn/unit42/assess/ai-security-assessment?ts=markdown) * [攻击面评估](https://www.paloaltonetworks.cn/unit42/assess/attack-surface-assessment?ts=markdown) * [防泄露准备工作审核](https://www.paloaltonetworks.cn/unit42/assess/breach-readiness-review?ts=markdown) * [BEC 准备情况评估](https://www.paloaltonetworks.com/bec-readiness-assessment) * [云安全评估](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment) * [入侵评估](https://www.paloaltonetworks.cn/unit42/assess/compromise-assessment?ts=markdown) * [网络风险评估](https://www.paloaltonetworks.cn/unit42/assess/cyber-risk-assessment?ts=markdown) * [并购网络尽职调查](https://www.paloaltonetworks.cn/unit42/assess/mergers-acquisitions-cyber-due-dilligence?ts=markdown) * [渗透测试](https://www.paloaltonetworks.cn/unit42/assess/penetration-testing?ts=markdown) * [紫队演习](https://www.paloaltonetworks.cn/unit42/assess/purple-teaming?ts=markdown) * [勒索软件就绪评估](https://www.paloaltonetworks.cn/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC 评估](https://www.paloaltonetworks.com/unit42/assess/soc-assessment) * [供应链风险评估](https://www.paloaltonetworks.cn/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [桌面演习](https://www.paloaltonetworks.cn/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [云事故响应](https://www.paloaltonetworks.cn/unit42/respond/cloud-incident-response?ts=markdown) * [数字取证](https://www.paloaltonetworks.cn/unit42/respond/digital-forensics?ts=markdown) * [事件响应](https://www.paloaltonetworks.cn/unit42/respond/incident-response?ts=markdown) * [托管检测与响应](https://www.paloaltonetworks.cn/unit42/respond/managed-detection-response?ts=markdown) * [托管威胁追踪](https://www.paloaltonetworks.cn/unit42/respond/managed-threat-hunting?ts=markdown) * [托管 XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [Unit 42 顾问人员](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * [转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [事故响应计划制定与审核](https://www.paloaltonetworks.cn/unit42/transform/incident-response-plan-development-review?ts=markdown) * [安全计划设计](https://www.paloaltonetworks.cn/unit42/transform/security-program-design?ts=markdown) * [虚拟 CISO](https://www.paloaltonetworks.cn/unit42/transform/vciso?ts=markdown) * [零信任咨询](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory) [全球客户服务](https://www.paloaltonetworks.cn/services?ts=markdown) * [教育与培训](https://www.paloaltonetworks.com/services/education) * [专业服务](https://www.paloaltonetworks.com/services/consulting) * [成功工具](https://www.paloaltonetworks.com/services/customer-success-tools) * [支持服务](https://www.paloaltonetworks.com/services/solution-assurance) * [客户成功](https://www.paloaltonetworks.com/services/customer-success) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) Unit 42 顾问人员 为满足企业的需求而定制,您可以选择将顾问人员工时数分配给我们的任意产品,包括主动网络风险管理服务。了解如何一键呼叫世界一流的 Unit 42 事故响应团队。 了解更多](https://www.paloaltonetworks.cn/unit42/retainer?ts=markdown) * 合作伙伴 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 合作伙伴 NextWave 合作伙伴 * [NextWave 合作伙伴社区](https://www.paloaltonetworks.com/partners) * [云服务提供商](https://www.paloaltonetworks.com/partners/nextwave-for-csp) * [全球系统集成商](https://www.paloaltonetworks.com/partners/nextwave-for-gsi) * [技术合作伙伴](https://www.paloaltonetworks.com/partners/technology-partners) * [服务提供商](https://www.paloaltonetworks.com/partners/service-providers) * [解决方案提供商](https://www.paloaltonetworks.com/partners/nextwave-solution-providers) * [托管安全服务提供商](https://www.paloaltonetworks.com/partners/managed-security-service-providers) 采取行动 * [门户网站登录](https://www.paloaltonetworks.com/partners/nextwave-partner-portal) * [管理的服务计划](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program) * [成为合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [请求访问](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [查找合作伙伴](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE 代表了因其安全专业知识而值得信赖的前 1% 的合作伙伴工程师。 了解更多](https://www.paloaltonetworks.com/cyberforce) * 公司 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 公司 Palo Alto Networks * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [管理团队](https://www.paloaltonetworks.com/about-us/management) * [投资者关系](https://investors.paloaltonetworks.com/) * [地点](https://www.paloaltonetworks.com/about-us/locations) * [道德与合规性](https://www.paloaltonetworks.com/company/ethics-and-compliance) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [军人和退伍军人](https://jobs.paloaltonetworks.com/military) [为什么选择 Palo Alto Networks?](https://www.paloaltonetworks.cn/why-paloaltonetworks?ts=markdown) * [Precision AI 安全](https://www.paloaltonetworks.cn/precision-ai-security?ts=markdown) * [我们的平台方法](https://www.paloaltonetworks.cn/why-paloaltonetworks/platformization?ts=markdown) * [加速网络安全转型](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio) * [获得的奖项与表彰](https://www.paloaltonetworks.com/about-us/awards) * [客户案例](https://www.paloaltonetworks.cn/customers?ts=markdown) * [全球认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [全方位信任计划](https://www.paloaltonetworks.com/resources/whitepapers/trust-360) 职业生涯 * [概述](https://jobs.paloaltonetworks.com/) * [文化与福利](https://jobs.paloaltonetworks.com/culture) [《新闻周刊》评选出的最受欢迎的工作场所 善待员工的企业 阅读更多](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021) * 更多内容 ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) 更多内容 资源 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [Unit 42 威胁研究博客](https://unit42.paloaltonetworks.com/) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) * [技术内幕](https://techinsider.paloaltonetworks.com/) * [知识库](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks 频道](https://tv.paloaltonetworks.com/) * [领导者的视角](https://www.paloaltonetworks.com/perspectives/) * [《网络视角》杂志](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine) * [区域云位置](https://www.paloaltonetworks.cn/products/regional-cloud-locations?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [安全态势评估](https://www.paloaltonetworks.cn/security-posture-assessment?ts=markdown) * [威胁载体播客](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) 联系 * [在线社区](https://live.paloaltonetworks.com/) * [活动资讯](https://events.paloaltonetworks.com/) * [高管简报中心](https://www.paloaltonetworks.com/about-us/executive-briefing-program) * [演示](https://www.paloaltonetworks.cn/demos?ts=markdown) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) [博客 了解行业趋势和全球最大网络安全公司的最新创新 了解更多](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * CN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com/) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * CHINA (简体中文) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [联系我们](https://www.paloaltonetworks.cn/contact?ts=markdown) * [资源](https://www.paloaltonetworks.cn/resources?ts=markdown) * [获得支持](https://support.paloaltonetworks.com/support) * [遭遇攻击?](https://start.paloaltonetworks.com/contact-unit42.html) * [立即开始](https://www.paloaltonetworks.cn/get-started?ts=markdown) 搜索 Close search modal [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.cn/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [什么是指挥与控制攻击?](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained?ts=markdown) 目錄 * [什么是网络攻击?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown) * [威胁概述:网络攻击](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#threat?ts=markdown) * [网络攻击类型概览](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#cyber?ts=markdown) * [全球网络攻击趋势](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#global?ts=markdown) * [网络攻击分类学](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#taxonomy?ts=markdown) * [威胁--行为体格局](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#landscape?ts=markdown) * [攻击生命周期和方法](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#methodologies?ts=markdown) * [参与技术深入讨论](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#technical?ts=markdown) * [网络攻击案例研究](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#studies?ts=markdown) * [工具、平台和基础设施](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#tools?ts=markdown) * [网络攻击的影响](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#effect?ts=markdown) * [检测、响应和情报](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#detection?ts=markdown) * [新出现的网络攻击趋势](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#trends?ts=markdown) * [测试和验证](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#testing?ts=markdown) * [衡量标准和持续改进](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#metrics?ts=markdown) * [网络攻击常见问题](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack#faqs?ts=markdown) * 什么是指挥与控制攻击? * [指挥与控制攻击如何运作](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#how?ts=markdown) * [指挥与控制技术的类型](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#types?ts=markdown) * [被 C\&C 瞄准的设备](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#devices?ts=markdown) * [黑客通过指挥和控制能实现什么](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#what?ts=markdown) * [指挥与控制常见问题](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#faqs?ts=markdown) # 什么是指挥与控制攻击? 目錄 * * [指挥与控制攻击如何运作](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#how?ts=markdown) * [指挥与控制技术的类型](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#types?ts=markdown) * [被 C\&C 瞄准的设备](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#devices?ts=markdown) * [黑客通过指挥和控制能实现什么](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#what?ts=markdown) * [指挥与控制常见问题](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#faqs?ts=markdown) 1. 指挥与控制攻击如何运作 * * [指挥与控制攻击如何运作](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#how?ts=markdown) * [指挥与控制技术的类型](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#types?ts=markdown) * [被 C\&C 瞄准的设备](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#devices?ts=markdown) * [黑客通过指挥和控制能实现什么](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#what?ts=markdown) * [指挥与控制常见问题](https://www.paloaltonetworks.cn/cyberpedia/command-and-control-explained#faqs?ts=markdown) 近十年来,[恶意网络攻击](https://start.paloaltonetworks.cn/unit-42-network-threat-trends-report-2022.html) 呈上升趋势。最具破坏性的攻击之一通常是通过 DNS 执行的,它是通过指挥和控制(也称为 C2 或 C\&C)完成的。指挥和控制被定义为威胁参与者通过网络与被入侵设备进行通信的一种技术。 C2 通常涉及一个或多个隐蔽渠道,但根据攻击的不同,具体机制也会有很大差异。攻击者利用这些通信渠道向被入侵设备发送指令,以下载其他恶意软件、创建僵尸网络或外泄数据。 根据 [MITRE ATT\&CK 框架](https://www.paloaltonetworks.cn/cyberpedia/what-is-mitre-attack-framework?ts=markdown),对手使用的指挥控制策略超过 16 种,其中包括许多子技术: 1. 应用层协议 2. 通过可移动媒体进行通信 3. 数据编码 4. 数据混淆 5. 动态分辨率 6. 加密通道 7. 备用通道 8. 入侵工具转移 9. 多级通道 10. 非应用层协议 11. 非标准端口 12. 协议隧道 13. 代理 14. 远程访问软件 15. 交通信号 16. 网络服务 ## 指挥与控制攻击如何运作 攻击者首先建立一个立足点来感染目标机器,而目标机器可能位于 [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown)之后。这可以通过多种方式实现: * 通过一封网络钓鱼邮件,其中: * 诱使用户点击链接进入恶意网站 或 * 打开会执行恶意代码的附件 * 通过浏览器插件的安全漏洞。 * 通过其他受感染的软件。 ![网络攻击生命周期中的指挥与控制示意图](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/ngfw-what-is-command-and-control-cyberpedia-article-image-1-868x488.png "网络攻击生命周期中的指挥与控制示意图") 一旦通信建立,受感染的机器就会向攻击者的服务器发送信号,寻找下一条指令。被入侵的主机将执行攻击者 C2 服务器发出的命令,并可能安装其他软件。许多攻击者试图将 C2 流量与 HTTP/HTTPS 或 DNS 等其他类型的合法流量混合。目的是避免被发现。 攻击者现在可以完全控制受害者的电脑,并执行任何代码。恶意代码通常会传播到更多的计算机上,形成僵尸网络--一个受感染设备的网络。这样,攻击者就可以完全控制公司网络。 指挥和控制是杀伤链(由洛克希德-马丁公司提出)的最后阶段之一。它发生在威胁参与者完成目标之前。这意味着攻击者已经绕过了其他可能已经到位的安全工具。因此,对于安全专业人员来说,迅速发现和防止 C2 至关重要。 ## 指挥与控制技术的类型 C2C 攻击有三种不同的模式。这些模型决定了受感染机器与命令和控制服务器的通信方式。每一种设计都是为了尽可能有效地逃避发现。 **1.集中式架构** 这可能是最常见的模式,很像客户服务器事务架构。新电脑感染僵尸后,会通过启动与 C\&C 服务器的连接加入僵尸网络。一旦加入频道,机器人就会在 C\&C 服务器上等待机器人管理员的指令。攻击者通常使用流行的 C2c 服务器托管服务。 这种模式很容易检测和拦截,因为命令来自一个源头。因此,可以快速检测并阻止 IP。不过,一些网络犯罪分子调整了他们的方法,在设置中采用了负载平衡、重定向器和代理。在这种情况下,检测工作更具挑战性。 **2.点对点(P2P)架构** 这种模式是分散式的。僵尸网络成员不依赖中央服务器,而是在节点之间传输命令。这使得 P2P 模式更难被发现。即使检测到,通常也只能一次摧毁一个节点。 点对点模式经常与集中模式结合使用,形成混合配置。当主服务器被入侵或瘫痪时,P2P 架构可作为备用。 **3.随机架构** 到目前为止,随机结构模型是最难检测的。这是设计好的。其目的是防止安全人员追踪和关闭 C\&C 服务器或识别僵尸网络的指挥链。这种模式通过从不同来源向受感染主机(或僵尸网络)传输通信来发挥作用: * IRC 聊天室 * CDN * 社交媒体评论 * 电子邮件 网络犯罪分子通过选择可信、常用的来源来提高成功几率。 ## 被 C\&C 瞄准的设备 指挥和控制攻击几乎可以针对任何计算设备,包括但不限于 * 智能手机 * 平板电脑 * 台式机 * 笔记本电脑 * IoT 设备 由于各种原因,[IoT 设备](https://www.paloaltonetworks.cn/network-security/what-is-iot-security?ts=markdown) 有可能增加 C\&C 风险: * 由于用户界面有限,它们很难控制。 * IoT 设备通常本身就不安全。 * 智能对象很少打补丁,如果有的话。 * 物联网设备通过互联网共享大量数据。 ## 黑客通过指挥和控制能实现什么 1. **恶意软件传输**:只要控制了受害者网络中被入侵的机器,对手就能触发更多恶意软件的下载。 2. **数据被盗**敏感数据(如财务文件)可能会被复制或传输到攻击者的服务器上。 3. **关闭**:攻击者可以关闭一台或多台机器,甚至导致公司网络瘫痪。 4. **重新启动**受感染的计算机可能会突然反复关机和重启,这可能会扰乱正常业务运营。 5. **防御回避**:反病毒者通常会试图模仿正常的、预期的流量,以避免被检测到。根据受害者网络的不同情况,攻击者以不同程度的隐蔽性建立指挥和控制,以规避安全工具。 6. **分布式拒绝服务** :DDoS 攻击通过互联网流量淹没服务器或网络,使其不堪重负。僵尸网络建立后,攻击者可指示每个僵尸向目标 IP 地址发送请求。这就造成了对目标服务器的请求堵塞。 其结果就像高速公路上的交通堵塞--被攻击 IP 地址的合法流量被拒绝访问。这种攻击可导致网站瘫痪。[进一步了解真实世界中的 DDoS 攻击](https://unit42.paloaltonetworks.com/threat-brief-cyber-attackers-using-home-router-bring-websites/)。 如今的攻击者可以定制和复制恶意 C2 代码,从而更容易躲避检测。这是因为现在有了先进的自动化工具,尽管这些工具传统上是由安全红方小组使用的。 如何阻止攻击者利用 DNS 对您进行攻击?阅读我们的白皮书,了解 [您可以采取的步骤](https://start.paloaltonetworks.cn/protect-your-dns-traffic-against-threats.html)。 ## 指挥与控制常见问题 ### 攻击者建立指挥与控制 (C2) 通道的常用方法有哪些? 攻击者使用各种方法建立 C2 通道,包括 * 在电子邮件附件或链接中嵌入恶意代码。 * 利用软件或硬件中的漏洞。 * 利用被入侵的网站传播恶意软件。 * 利用社交工程技术诱骗用户执行恶意有效载荷。 * 利用 HTTP/HTTPS、DNS 和社交媒体等合法服务和协议逃避检测。 ### 指挥与控制 (C2) 攻击通常如何运作? C2 攻击通常从恶意软件感染网络内的设备开始。然后,该恶意软件会与攻击者控制的远程 C2 服务器建立通信。C2 服务器向受感染设备发送指令,允许攻击者执行各种恶意活动,如收集敏感数据、传播恶意软件或禁用安全控制。通信渠道包括 HTTP/HTTPS、DNS、电子邮件和自定义协议。 ### 指挥与控制 (C2) 攻击有哪些常见迹象? C2 攻击的常见迹象包括异常出站流量、与已知恶意 IP 地址或域通信、反复尝试登录失败、意外的系统行为以及不熟悉或未经授权的软件。网络异常,如不规则的数据流或不常见的端口和协议,可能预示着潜在的 C2 活动。 ### 组织如何抵御指挥与控制(C2)攻击? 各组织可通过实施强有力的安全措施来抵御 C2 攻击,这些措施包括 * 使用先进的威胁检测工具来识别和阻止可疑活动。 * 采用网络分段来限制恶意软件的传播。 * 定期更新和修补系统,弥补漏洞。 * 对网络流量进行持续监控和记录。 * 教育员工了解网络钓鱼和社交工程攻击。 * 利用威胁情报,随时了解新出现的 C2 战术和基础设施。 ### 成功的指挥与控制(C2)攻击会产生什么后果? 成功的 C2 攻击会造成严重性后果,包括数据外泄、财务丢失、声誉受损、服务中断和法律处罚。攻击者可以窃取敏感信息、部署勒索软件,或将被入侵的系统作为进一步攻击的发射台。长期影响往往涉及巨额恢复成本和恢复安全与信任的努力。 相关内容 [什么是僵尸网络? 僵尸网络是被恶意软件感染的计算机网络,用于在威胁参与者的远程控制下执行命令。](https://www.paloaltonetworks.cn/cyberpedia/what-is-botnet?ts=markdown) [用深度学习和机器学习保护网络 Palo Alto Networks 高级威胁预防是首个利用独特的深度学习模型在线拦截未知规避性命令和控制的 IPS 解决方案。](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) [查看 Palo Alto Networks 的入侵防御方法 Palo Alto Networks Threat Prevention 超越传统入侵防御系统,可检查所有流量并自动阻止已知威胁。](https://start.paloaltonetworks.cn/paloaltonetworks-approach-to-intrusion-prevention-wp.html) [什么是入侵防御系统? 入侵防御系统(IPS)是一种网络安全技术,可检测网络流量,从而检测和预防恶意威胁。](https://www.paloaltonetworks.cn/cyberpedia/what-is-an-intrusion-prevention-system-ips?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=%E4%BB%80%E4%B9%88%E6%98%AF%E6%8C%87%E6%8C%A5%E4%B8%8E%E6%8E%A7%E5%88%B6%E6%94%BB%E5%87%BB%EF%BC%9F&body=%E6%8C%87%E6%8C%A5%E4%B8%8E%E6%8E%A7%E5%88%B6%E6%94%BB%E5%87%BB%EF%BC%88C2%2FC%26C%EF%BC%89%E6%98%AF%E5%A8%81%E8%83%81%E5%8F%82%E4%B8%8E%E8%80%85%E5%88%A9%E7%94%A8%E4%B8%80%E4%B8%AA%E6%88%96%E5%A4%9A%E4%B8%AA%E9%9A%90%E8%94%BD%E4%BF%A1%E9%81%93%E9%80%9A%E8%BF%87%E7%BD%91%E7%BB%9C%E4%B8%8E%E8%A2%AB%E5%85%A5%E4%BE%B5%E8%AE%BE%E5%A4%87%E8%BF%9B%E8%A1%8C%E9%80%9A%E4%BF%A1%E7%9A%84%E4%B8%80%E7%A7%8D%E6%96%B9%E6%B3%95%E3%80%82%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/command-and-control-explained) 返回页首 [上一页](https://www.paloaltonetworks.cn/cyberpedia/what-is-a-cyber-attack?ts=markdown) 什么是网络攻击? {#footer} ## 产品和服务 * [实时人工智能驱动的网络安全](https://www.paloaltonetworks.cn/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.cn/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.cn/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.cn/sase/ai-access-security?ts=markdown) * [云交付的安全服务](https://www.paloaltonetworks.cn/network-security/security-subscriptions?ts=markdown) * [高级威胁预防](https://www.paloaltonetworks.cn/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.cn/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.cn/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.cn/network-security/advanced-dns-security?ts=markdown) * [企业数据丢失防护](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.cn/network-security/enterprise-iot-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.cn/network-security/medical-iot-security?ts=markdown) * [工业 OT 安全](https://www.paloaltonetworks.cn/network-security/industrial-ot-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [新一代防火墙](https://www.paloaltonetworks.cn/network-security/next-generation-firewall?ts=markdown) * [硬件防火墙](https://www.paloaltonetworks.cn/network-security/hardware-firewall-innovations?ts=markdown) * [软件防火墙](https://www.paloaltonetworks.cn/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.cn/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.cn/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.cn/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.cn/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.cn/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.cn/sase?ts=markdown) * [应用加速](https://www.paloaltonetworks.cn/sase/app-acceleration?ts=markdown) * [自主数字体验管理](https://www.paloaltonetworks.cn/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.cn/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.cn/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.cn/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.cn/sase/sd-wan?ts=markdown) * [远程浏览器隔离](https://www.paloaltonetworks.cn/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.cn/sase/saas-security?ts=markdown) * [基于 AI 的安全运营平台](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.cn/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.cn/cortex/cloud/application-security?ts=markdown) * [云态势安全](https://www.paloaltonetworks.cn/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.cn/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.cn/prisma/cloud?ts=markdown) * [人工智能驱动的 SOC](https://www.paloaltonetworks.cn/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.cn/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.cn/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.cn/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.cn/cortex/cortex-xpanse?ts=markdown) * [Unit 42 托管检测和响应](https://www.paloaltonetworks.cn/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.cn/cortex/managed-xsiam?ts=markdown) * [威胁情报和事件响应服务](https://www.paloaltonetworks.cn/unit42?ts=markdown) * [主动评估](https://www.paloaltonetworks.cn/unit42/assess?ts=markdown) * [事故响应](https://www.paloaltonetworks.cn/unit42/respond?ts=markdown) * [安全策略转型](https://www.paloaltonetworks.cn/unit42/transform?ts=markdown) * [发现威胁情报](https://www.paloaltonetworks.cn/unit42/threat-intelligence-partners?ts=markdown) ## 公司 * [关于我们](https://www.paloaltonetworks.cn/about-us?ts=markdown) * [人才招聘](https://jobs.paloaltonetworks.com/en/) * [联系我们](https://www.paloaltonetworks.cn/company/contact-sales?ts=markdown) * [企业责任](https://www.paloaltonetworks.com/about-us/corporate-responsibility) * [客户](https://www.paloaltonetworks.cn/customers?ts=markdown) * [投资者关系](https://investors.paloaltonetworks.com/) * [位置](https://www.paloaltonetworks.com/about-us/locations) * [新闻资讯](https://www.paloaltonetworks.cn/company/newsroom?ts=markdown) ## 热门链接 * [博客](https://www.paloaltonetworks.com/blog/?lang=zh-hans) * [社区](https://www.paloaltonetworks.com/communities) * [内容库](https://www.paloaltonetworks.cn/resources?ts=markdown) * [网络百科](https://www.paloaltonetworks.com/cyberpedia) * [事件中心](https://events.paloaltonetworks.com/) * [管理电子邮件首选项](https://start.paloaltonetworks.com/preference-center) * [产品清单](https://www.paloaltonetworks.cn/products/products-a-z?ts=markdown) * [产品认证](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance) * [报告漏洞](https://www.paloaltonetworks.com/security-disclosure) * [网站地图](https://www.paloaltonetworks.cn/sitemap?ts=markdown) * [技术文档](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [请勿出售或分享我的个人信息](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [隐私](https://www.paloaltonetworks.com/legal-notices/privacy) * [信任中心](https://www.paloaltonetworks.com/legal-notices/trust-center) * [使用条款](https://www.paloaltonetworks.com/legal-notices/terms-of-use) * [文档](https://www.paloaltonetworks.com/legal) 版权所有 © 2025 Palo Alto Networks。保留所有权利 * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * CN Select your language