Am I under a Gnutella denial of service attack ?

For the last couple of days I appear to have been under some sort of attack. I occasionally use the Shareaza P2P client. I was using it for 24 hours or so around the time that the "attack" started.

Shareaza is a Gnutella and eDonkey client.

Shareaza is not currently running and hasn't been running for the last two days.

The machine that I run Shareaza on also runs a webserver, although the server in question normally sees almost zero traffic. I am seeing dozens of requests to port 80 on that Shareaza machine every second, from hundreds of different IP addresses.

The requests are for

/uri-res/N2R?urn:sha1:CAKQAE6EK3LPHJ6DFVOVUQDJ7IN66OMM

where the hash value at the end varies (although there are lots of repeated requests for the same hash value)

I am puzzled as to why these requests are coming to port 80 as that is not the standard Gnutella port. All the requests appear to be coming from either BearShare, LimeShare or Shareaza clients (though 99% of them are BearShare).

If I leave the webserver enabled sending out the resulting 404 pages fills my 256kb outgoing DSL line. My daily IIS log before I noticed what was happening was over 150Mb in size...

For the moment I have just had to shutdown the webserver so that my DSL line is usable.

Has anyone seen this before, if so is there anything I can do about it ?