Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 3306 (tcp/udp) Attack Activity - SANS Internet Storm Center

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

Port 3306 (tcp/udp) Attack Activity

Log In or Sign Up for Free!

Loading...

[get complete service list]

Port Information
Protocol	Service	Name
tcp	mysql	MySQL
udp	mysql	MySQL

Top IPs Scanning
Today	Yesterday
138.199.32.104 (467)	127.0.0.1 (595)
167.172.55.224 (221)	154.89.5.94 (490)
124.133.28.21 (186)	124.133.28.21 (340)
127.0.0.1 (161)	31.43.185.19 (242)
167.172.61.73 (149)	103.203.57.18 (209)
178.62.234.100 (141)	167.99.177.104 (194)
104.248.205.115 (139)	81.70.214.229 (181)
124.162.128.2 (139)	104.248.205.115 (175)
192.241.214.10 (133)	167.172.55.238 (163)
192.241.205.207 (133)	178.62.234.100 (142)

Port diary mentions
URL
SCANS, Babel (not BagelBagleBeagle) & Halloween
Panix DNS Hijack; tcp3306 Increase; Osama Captured SPAM;Wireless Thoughts
* UPDATE: Possible MySQL Bot. New Juniper Vuln, Advice on managing X Windows security, Request for input on 2005 Critical Threats

User Comments
Submitted By	Date
Comment
Nitin Kushwaha	2006-06-11 19:48:15
The port 3306 is also used for emule & edonkey clones Thanks & Regards, Nitin. MCSE.MCSA.CIW-SA.CEH.SCSCA

CVE Links
CVE #	Description
CVE-2014-0384