We have a regional network coming into our DMZ on our Pix 515. We have an IP any any rule and have not locked down what ports they need to use (AD, Exchange, File server, internet). Is there a port monitor we can use to list all the ports over some time through our DMZ? Then we can use this to lock it down.
I have this problem too.