I suggest you to install mod_security for apache as soon as possible.
Your server is receiving the file and trying to execute it.
Download and take a look to
http://sicily.100free.com/max.txtHacking attempts, here are my logs from today:
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/pma2005/scripts/setup.php"] [unique_id "TTeB6ljGbecAABukdz4AAAA3"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/phpmanager/scripts/setup.php"] [unique_id "TTeB6ljGbecAABtxSkMAAAAE"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"][uri "/php-myadmin/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuld4MAAAA4"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/phpmy-admin/scripts/setup.php"] [unique_id "TTeB6ljGbecAABumd70AAAA5"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/webadmin/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuneXYAAAA6"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/sqlweb/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuoeagAAAA7"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/websql/scripts/setup.php"] [unique_id "TTeB6ljGbecAABupezEAAAA8"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/webdb/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuqe2AAAAA9"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/mysqladmin/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuse5YAAAA-"]
[Thu Jan 20 01:29:30 2011] [error] [client 85.10.128.125] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/mod_security/base_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "97"] [id "960017"] [rev "2.1.1"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx"] [uri "/mysql-admin/scripts/setup.php"] [unique_id "TTeB6ljGbecAABuRaDIAAAAk"]