Port 3306/tcp is the default listener for MySQL Server and MariaDB (which shares MySQL's classic client/server protocol), and one of the most commonly observed open database ports on the internet. Unusually for a famous application default, the port is cleanly registered to the database's author: the IANA row gives the service name mysql with description "MySQL" and lists the assignee and contact as "Monty" — Michael "Monty" Widenius, MySQL's co-creator. The wire protocol begins with a server-sent handshake packet (capability flags and a salt), to which the client replies selecting an authentication plugin; historically that was mysql_native_password, while caching_sha2_password is the default from MySQL 8.0 onward. A separate, newer X Protocol (document/CRUD plus SQL over a different framing) runs on port 33060 (mysqlx, registered to Oracle in 2015), and MySQL 8.0.14+ additionally supports a dedicated administrative-connection port. The IANA reference field for 3306 is blank, so there is no RFC tied to the assignment. Security-wise, 3306 is a perennial scan and brute-force target: exposed instances number in the hundreds of thousands and are probed for weak root/application credentials, and MySQL-targeting ransomware has wiped or encrypted reachable databases and left ransom notes. Best practice is to bind to localhost or trusted networks and require TLS. For an analyst, an internet-facing 3306 is almost always a misconfiguration and a high-priority finding — validate authentication, TLS, and bind address.
mysql — "MySQL"; reference (blank — no RFC cited in IANA registry); assignee/contact "Monty" (Michael Widenius) [IANA-assigned] — IANA Service Name and Transport Protocol Port Number Registrymysqlx, MySQL X Protocol, Oracle 2015); 1186 (mysql-cluster); 6446 (mysql-proxy); MySQL 8 admin port (configurable)