I have an Ubuntu server that is only accessible on my home network (i.e., no port forwarding from router and iptables restricts to local network ip addresses). I recently installed chkrootkit, rkhunter, and unhide. I just received an email notification from unhide with the following:
I do not know what this means and can not find any good information about hidden ports. I have iptables that basically only allows ssh from local network ip addresses, outgoing mail, and apt-get. Should I be concerned about this and what should I do to solve this problem? Any ideas?

Unhide basically runs 'netstat' to get a list of ports in use then tries to figure out if a port is already in use. Did you compile "unhide" yourself or did you install a binary (and then from where)? If you installed a binary, does running a self compiled version improve? Did you ran 'unhide-tcp' under an earlier kernel version without problems? What kernel version do you run now? Else, are all your ports marked as hidden? What networked services is the machine running? What happens if you shut them down one at a time and eacht time after you shut it down run 'unhide-tcp'? If after you shut down all networked services (webserver, any network filesystem sharing, SSH, FTP, caching nameserver, nscd) there still is no difference, does also shutting down your network connection show a difference? If nothing makes a difference I suggest you email yjesus at security-projects dot com your strace.log from running 'strace -v -o /tmp/strace.log /path/to/unhide-tcp', he usually responds back pretty quick.

The reason you get this is that ports 1 to 1023 are privileged ports and accessible only to root (superuser).

Try to run unhide-tcp as superuser:

$ sudo unhide-tcp

To get rid of these alerts.