I want to set up a security group for an EC2 instance (Linux). There are services running on it like memcached, python, dhclient, nodejs etc. How do I know which IP/CIDR block my server should be listening to on a particular port? E.g., if mysqld is running on port 3306, what should the source CIDR/IP/SG be, and how do I find it out? (inbound rules)
P.S. It is a VPC with various web servers, database servers, CMS, Solr etc. I need to set up security groups for each of these. Specifically, I need to know what instance is talking to what other machines in the VPC. Presently the security group setup is open to all. I need to secure it.
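One way to collect the "who talks to this port" data on the instance itself, as an added example that is not part of the original post: it parses saved output of `ss -Htln` (listening sockets) and `ss -Htn state established` and groups inbound peers per listening port into candidate source CIDRs. The sample lines, the addresses and the /24 (IPv4) and /64 (IPv6) grouping are constructed assumptions, and a single snapshot only shows peers connected at that moment.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of `ss -Htln` output (State column present).
LISTEN_SAMPLE = """\
LISTEN 0 128 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 128 127.0.0.1:11211 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
"""
# Constructed sample of `ss -Htn state established` (no State column when filtered).
ESTAB_SAMPLE = """\
0 0 10.0.2.15:3306 10.0.1.20:51234
0 0 10.0.2.15:3306 10.0.1.21:40022
0 0 10.0.2.15:3306 10.0.3.7:38812
0 0 10.0.2.15:22 203.0.113.9:60122
0 0 10.0.2.15:44710 10.0.4.5:8983
0 0 127.0.0.1:11211 127.0.0.1:50514
"""

def split_endpoint(endpoint):
    # "10.0.2.15:3306", "[::1]:22" or "*:80" -> (host, port); drops any %scope suffix.
    host, port = endpoint.rsplit(":", 1)
    return host.strip("[]").split("%")[0], port

def inbound_sources(listen_text, estab_text, prefix=24):
    # Local and peer endpoints are the last two whitespace-separated fields (ss run without -p).
    ports = {split_endpoint(l.split()[-2])[1]
             for l in listen_text.splitlines() if len(l.split()) >= 2}
    result = defaultdict(set)
    for line in estab_text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        _, local_port = split_endpoint(fields[-2])
        peer, _ = split_endpoint(fields[-1])
        if local_port not in ports:
            continue  # local port is not a listener: this host opened the connection
        ip = ipaddress.ip_address(peer)
        if ip.is_loopback:
            continue  # local-only traffic never passes through a security group
        net = ipaddress.ip_network(f"{ip}/{prefix if ip.version == 4 else 64}", strict=False)
        result[int(local_port)].add(str(net))
    return {port: sorted(nets) for port, nets in sorted(result.items())}

if __name__ == "__main__":
    print(inbound_sources(LISTEN_SAMPLE, ESTAB_SAMPLE))
```

Running this against snapshots taken over a representative period gives a per-port list of sources to review before narrowing each inbound rule.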