I'm running a Debian based web server (much of it set up using how to help) that I thought was pretty secure. It has an iptables setup that blocks everything by default and opens very little. But I have discovered that on reboot, port 3306 is being opened. What could be doing this? Running my iptables script again closes the port. The script is in /etc/network/if-up.d/ so should run during startup. Restarting MySQL does not cause the port to be opened. What could be opening the port? How can I find out?