No need to panic. Favicons are those incons to the left of your URL on most browsers. Browsers automatically see if it exists in your root every time your page is visted, if it doesen't exist it is logged as an error. Thus your logz.
LB > Sorry to bother, but is this an attack? I get repeated requests for a file "favicon.ico" that should have been, or so the client connecting believes, in the root of my htdocs. The conections come from different hosts, and at least in some it seems to be running Konqueror, so it is not a Windows worm: "GET / HTTP/1.1" 200 1004 "-" "Mozilla/5.0 > (compatible; Konqueror/2.2.2; Linux)". > > I run Debian Sarge, with Apache 1.3.31. There never existed a > "favicon.ico" on my server since I am online, I never registered to search engines, kept a low profile, used a very restrictive robots.txt etc. and used the site only to have online a development version of the site I am doing for a customer. This comes after some weeks of attacks and failed buffer overflow attempts, so I might be getting to nervous. > > it's a little bit offtopic, but I found nothing about it on cert.org ... > > thank you in advance, > > Emil Perhinschi > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]