When auditing the public-facing side of a firewall, is there an appropriate/recommended range of ports to scan? We're using NMAP. By default, an intense scan only scans the first 1000 ports. Seems pretty limited. Does anyone have a strong opinion or some professional experience regarding this? Should we scan UDP and TCP? Any example NMAP lines?