I am webmaster of a small website called www.real-songs.com The site is a way for unsigned bands in the Northeast of England to get their music heard and promoted and as such stores around 100 MP3 files of different band's songs. On Friday lunch time the site traffic suddenly spiked with the following file http://www.real-songs.com/mp3Player.swf?mp3File=./Uploads/1f2837001ddc18fc5778db174a813fd1.mp3
being uploaded 9136 times in one hour?
mp3Player does exactly what it says on the tin and is embedded in another PHP generated page that has other information about the track and the band. It's not available directly through the site and is not even visible unless somebody looks at the background code on the site? I can find no errors in the code that would continually download the song, just downloads once using about 7mb of bandwidth
The attack appears to have originated in the network of Orange UK in StAlbans but I'm getting no help from them at all.
Does anyone know how I could go about establishing what caused the attack, and how I can prevent direct access to these MP3 files used in the site? I've tried preventing directory browsing but this doesnt prevent access to the individual files.?