A covert remote-control program (which may or may not technically be a trojan) can work without opening "ports" in at least two ways:

1. Hijack existing network traffic, for example, direct your web browser to do its network IO for it, or send and receive messages using your mail program. The latter was described in a security journal I read a few years back

2. Use network protocols which don't use ports, for example ICMP. I wrote a small proof-of-concept for Windows that uses ICMP messages (no, not pings), and it worked under NT4 (I used a Linux box to generate the packets though)

Neither of these would show up.

To avoid trojans, don't run untrusted binaries.