Help with Snort rule - httpd flood detection

["NightStorm" <NightStorm_Draco () isyourgod com>]

Hey everyone.  I have a bit of an obscure request...
I would go through the list archives to see how many times this has been posted before, but since I'm not exactly sure 
what I should be looking for, I am hoping someone here can give me a hand.
I have Snort running all fine and happy, but I can't seem to find the one rule that brought me to install it in the 
first place.  What's happening is I have one little pathetic script kiddie with a little botnet (ain't he cute?) 
hammering a few sites on my server.  The only real pattern to it is his annoying use of invalid or obscene "referring 
URL's"... sort of his trademark.
Now, the FBI should be paying him a visit within the next 2 weeks (warrent is in process), but until then I want to 
give him something new to play with... namely Snort with snortsam.  ;)
Find below a posting of the typical attack he is running against us.  What I am hoping to do is somehow get Snort to 
recognise massive queries to a specified page, and then trigger a rule.  Unfortunately, as I said, I can't find any 
rule that would fit this type of description.  Essentially, it's a httpd GET attack... but all the GETs are, as far as 
the server is concerned, legitimate.
Does anyone know of a rule that I can use to detect this form of attack?  The referring URLs are not always the same, 
so it's not a simple matter of blocking the URL from the referrals list in a htaccess file (been there, tried that).

82.54.214.236 - - [24/Feb/2005:13:57:49 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.56.70.162 - - [24/Feb/2005:13:58:07 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.49.104.29 - - [24/Feb/2005:13:58:45 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.49.19.186 - - [24/Feb/2005:13:59:02 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.54.214.236 - - [24/Feb/2005:13:59:17 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 47186 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.51.119.28 - - [24/Feb/2005:13:59:35 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.51.116.107 - - [24/Feb/2005:14:01:15 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.56.70.162 - - [24/Feb/2005:14:01:22 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 47186 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
220.184.97.129 - - [24/Feb/2005:14:01:34 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.56.70.162 - - [24/Feb/2005:14:01:49 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 47186 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.54.214.236 - - [24/Feb/2005:14:04:00 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 47186 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.83.107.4 - - [24/Feb/2005:14:05:42 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.52.83.81 - - [24/Feb/2005:14:06:11 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.83.107.4 - - [24/Feb/2005:14:06:16 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
218.83.107.4 - - [24/Feb/2005:14:06:27 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
82.52.83.81 - - [24/Feb/2005:14:06:58 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48732 "http://lala.com"; 
"Mozilla/4.0 (compatible)"
217.95.3.221 - - [24/Feb/2005:14:07:01 -0500] "GET /index.php?showtopic=3964 HTTP/1.1" 200 48734 "http://lala.com"; 
"Mozilla/4.0 (compatible)"