FW-4-ALERT_ON

Bernard Magny (Level 1)

In the past week, about every 3 minutes I get these messages from my firewall router:

%FW-4-ALERT_ON: getting aggressive, count 2/500 current 1-min rate: 501

%FW-4-ALERT_OFF: calming down, count 0/400 current 1-min rate: 360

What does it mean?

Is it connection from inside the network?

Or outside?

Should I be worried about this?

What are the effects?

Thanks

2 Replies

ehirsel (Level 6)

From the Cisco site, these messages mean this:

CBAC detects and blocks denial-of-service attacks and notifies you when denial-of-service attacks occur. Error messages such as the following may indicate that denial-of-service attacks have occurred:

%FW-4-ALERT_ON: getting aggressive, count (550/500) current 1-min rate: 250

%FW-4-ALERT_OFF: calming down, count (0/400) current 1-min rate: 0

When %FW-4-ALERT_ON and %FW-4-ALERT_OFF error messages appear together, each "aggressive/calming" pair of messages indicates a separate attack. The above example shows one separate attack.

%FW-4-ALERT_ON : [chars], count ([dec]/[dec]) current 1-min rate: [dec]

Explanation Either the max-incomplete high threshold of half-open connections or the new connection initiation rate has been exceeded. This error message indicates that an unusually high rate of new connections is coming through the firewall, and a DOS attack may be in progress. This message is issued only when the max-incomplete high threshold is crossed.

Recommended Action This message is for informational purposes only, but it may indicate a security problem.

So yes, I would worry about it. Some questions I have to help you determine the source are:

Are there any other messages besides those two that you also see much more of than you should?

Is there a load or stress test that is being conducted? If so, it may trigger those messages.

What ports/protocols are listed in your inspect-list?
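The Cisco explanation quoted above says ALERT_ON fires when either the half-open connection count crosses the max-incomplete high-water mark or the one-minute new-connection rate crosses its own threshold, and that each ON/OFF pair is a separate episode. The script below is an added example (not from the thread or from Cisco) that parses these syslog lines, pairs them into episodes, and reports which of the two thresholds tripped. Assumptions: the "count x/y" field is read as half-open sessions against the max-incomplete high (ON) or low (OFF) mark, as in the Cisco text; the one-minute high-water mark is not printed in the message, so it is passed in and assumed to be 500 here (what `show ip inspect config` reports on the router is authoritative); the log excerpt is constructed, with made-up timestamps and one unrelated message mixed in.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Matches both spellings that appear in the thread: "count 2/500" and "count (550/500)".
ALERT_RE = re.compile(
    r"%FW-4-ALERT_(?P<state>ON|OFF):\s*(?P<text>[^,]*),\s*"
    r"count\s*\(?(?P<count>\d+)/(?P<threshold>\d+)\)?\s*"
    r"current 1-min rate:\s*(?P<rate>\d+)"
)


@dataclass
class FwAlert:
    state: str      # "ON" (getting aggressive) or "OFF" (calming down)
    count: int      # current number of half-open sessions
    threshold: int  # max-incomplete high (ON) or low (OFF) water mark
    rate: int       # new connection attempts seen in the last minute


# Constructed sample syslog excerpt (timestamps are invented). The first two
# alerts reuse the numbers from the original question, the next two the numbers
# from the Cisco documentation; the last ALERT_ON has no matching ALERT_OFF yet.
SAMPLE_LOG = [
    "*Mar  1 00:12:03.101: %FW-4-ALERT_ON: getting aggressive, count 2/500 current 1-min rate: 501",
    "*Mar  1 00:13:07.442: %FW-4-ALERT_OFF: calming down, count 0/400 current 1-min rate: 360",
    "*Mar  1 00:15:20.007: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar  1 00:16:11.390: %FW-4-ALERT_ON: getting aggressive, count (550/500) current 1-min rate: 250",
    "*Mar  1 00:17:02.012: %FW-4-ALERT_OFF: calming down, count (0/400) current 1-min rate: 0",
    "*Mar  1 00:19:45.555: %FW-4-ALERT_ON: getting aggressive, count 12/500 current 1-min rate: 640",
]


def parse_alert(line: str) -> Optional[FwAlert]:
    """Return the parsed alert, or None for any line that is not an FW-4-ALERT message."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    return FwAlert(m["state"], int(m["count"]), int(m["threshold"]), int(m["rate"]))


def trigger_reasons(alert: FwAlert, one_minute_high: int = 500) -> List[str]:
    """Which CBAC threshold(s) an ALERT_ON crossed: "half-open", "rate", or both.

    The message only prints the half-open high-water mark; the one-minute
    threshold is assumed (500) because the router does not include it.
    """
    reasons = []
    if alert.count >= alert.threshold:
        reasons.append("half-open")
    if alert.rate > one_minute_high:
        reasons.append("rate")
    return reasons


def group_episodes(lines) -> List[Tuple[FwAlert, Optional[FwAlert]]]:
    """Pair each ALERT_ON with the following ALERT_OFF; each pair is one episode.

    An ON with no OFF yet (still aggressive) is kept with None as its partner.
    """
    episodes = []
    pending = None
    for line in lines:
        alert = parse_alert(line)
        if alert is None:
            continue
        if alert.state == "ON":
            if pending is not None:
                episodes.append((pending, None))  # previous ON never calmed down
            pending = alert
        elif pending is not None:
            episodes.append((pending, alert))
            pending = None
    if pending is not None:
        episodes.append((pending, None))
    return episodes


def summarize(lines, one_minute_high: int = 500) -> List[str]:
    """One human-readable line per episode, for a log review or a ticket."""
    out = []
    for i, (on, off) in enumerate(group_episodes(lines), 1):
        reasons = trigger_reasons(on, one_minute_high) or ["unknown"]
        end = (f"calmed at {off.count} half-open, rate {off.rate}/min"
               if off else "still aggressive")
        out.append(f"episode {i}: triggered by {', '.join(reasons)} "
                   f"(count {on.count}/{on.threshold}, rate {on.rate}/min); {end}")
    return out


if __name__ == "__main__":
    for line in summarize(SAMPLE_LOG):
        print(line)
```

Run against the numbers in the original question (count 2/500, rate 501), the script classifies the episode as a rate-triggered alert: only two half-open sessions existed, but 501 new connections in one minute exceeded the assumed one-minute high of 500. That distinction matters for the follow-up questions in this reply, because a sustained high rate with few half-open sessions looks different from a half-open flood, and comparing the episode summaries against the configured thresholds is the first check before concluding an attack is under way.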

No other messages are logged around those ones.

No load test that I know of.

The inspect list is as follows:

ip inspect name STARMARK ftp

ip inspect name STARMARK http

ip inspect name STARMARK icmp

ip inspect name STARMARK tcp

ip inspect name STARMARK udp

ip audit po max-events 100