Any port is a hacker storm
But you might already be on the lookout for such ping surveys. A number of tools are available to watch for such activity, and they fall into the realm of packet sniffers - tools that watch passing packets and filter out suspicious events.
A tool that's great for spotting hack attempts is Computer Associates' eTrust Internet Defense - Intrusion Detection (previously was SessionWall from AbirNet until CA swallowed it up). This is an excellent product for detecting ping surveys as well as SYN flood attacks and a whole catalog of other hacking techniques.
Once the hacker has a live IP address, by using the stack fingerprinting technique he can build a detailed map of your network and figure out what is where. Even more suspicious than a ping survey is a port scan, the process of attempting to make connections to a range of ports on a machine or to a range of ports on a range of machines.
The link for this article located at NW Fusion is no longer available.