I have an Ubuntu server that is only accessible on my home network (i.e., no port forwarding from router and iptables restricts to local network ip addresses). I recently installed chkrootkit, rkhunter, and unhide. I just received an email notification from unhide with the following:
Code:
Starting TCP checking
Found Hidden port that not appears in netstat: 1
Found Hidden port that not appears in netstat: 2
Found Hidden port that not appears in netstat: 3
Found Hidden port that not appears in netstat: 4
Found Hidden port that not appears in netstat: 5
...
I do not know what this means and can not find any good information about hidden ports. I have iptables that basically only allows ssh from local network ip addresses, outgoing mail, and apt-get. Should I be concerned about this and what should I do to solve this problem? Any ideas?