get ATTACKED!!

my server RedHat Enterprise with cPanel has been getting attacked since Jul 5th. There are about 50 requests per second to my apache; something like this

221.192.223.221 - - [08/Jul/2005:01:54:21 -0400] "GET /yay/bdclong.txt HTTP/1.1" 200 0 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)"


Notice:
1. The IPs changes all the time.. so far over 7,000 IPs.
2. The strange is that 90% of the requests are from Win98.
3. They're all request for /yay/bdclong.txt
4. About 50 requests per second
5. It boost my load to 17.x 15.x 13.x
6. The hits are from Taiwan/China

I can't use apf to block them because the IP keeps changing..

Questions:
1. It is DDoS?
2. How to solve this?

 

 

 

 

Top