Im under the imperssion that no port is accessible from the outside interface on PIX unless you permit it with an ACL.
Though i guess it opens the ports it needs for return traffic that is initiated from the inside network. Otherwise it shouldnt have any ports open.
Then again im a total newbie when it comes to PIX firewalls but they should block any other ports other than return traffic ports and then its already traffic thats iniated from a trusted part of the network.
If you mean some way to show the connections and ports opened for traffic trough the PIX then i guess the command
pixfirewall# show conn all
would show the connections and their ports on the firewall.