hi all i just install the nethserver newly and i start seeing these attacks comming, is it for real or this is all false positive?? in my opinion it is all real
It looks like it’s no problem.
SCAN and CINS are quite usual, many bad rated IPs do much scans. This is nothing to worry about.
The DOS means some Denial of Service attack behaviour but I also got it once when accessing a samba share for backup IIRC.
All Attacks are recognized by IPS, even if they are blocked by firewall or don’t hit a real service.
You may get more details about an entry by clicking on it and check where the IP comes from and which ports were used etc.