← Back to all network ports
TCP
Vulnerable

3306 MySQL

MySQL servers listen on port 3306 for application queries, replication, and administrative access.

Security Context

Port 3306 is high-risk when broadly exposed. Treat it as an attack-surface decision, not just a connectivity setting, and confirm whether the listener truly needs to be reachable.

  • !Internet-exposed MySQL often attracts brute-force and credential-stuffing attacks.

Nmap Check

Use a version probe first so you confirm whether the expected service is really what is listening on this port.

nmap -sV -p 3306 <host>

Firewall Commands

UFW
sudo ufw allow 3306/tcp
iptables
sudo iptables -A INPUT -p tcp --dport 3306 -j ACCEPT

Related TCP Ports

20
FTP Data
21
FTP Control
22
SSH / SFTP
23
Telnet
25
SMTP
80
HTTP