repeated requests for a file favicon.ico

To: debian-security@lists.debian.org
Subject: repeated requests for a file favicon.ico
From: Emil Perhinschi <emilper@emilper.ro>
Date: Wed, 06 Oct 2004 11:37:24 +0300
Message-id: <[🔎] 4163AEC4.1090003@emilper.ro>

Sorry to bother, but is this an attack? I get repeated requests for afile "favicon.ico" that should have been, or so the client connectingbelieves, in the root of my htdocs. The conections come from differenthosts, and at least in some it seems to be running Konqueror, so it isnot a Windows worm: "GET / HTTP/1.1" 200 1004 "-" "Mozilla/5.0(compatible; Konqueror/2.2.2; Linux)".

I run Debian Sarge, with Apache 1.3.31. There never existed a"favicon.ico" on my server since I am online, I never registered tosearch engines, kept a low profile, used a very restrictive robots.txtetc. and used the site only to have online a development version of thesite I am doing for a customer. This comes after some weeks of attacksand failed buffer overflow attempts, so I might be getting to nervous.


it's a little bit offtopic, but I found nothing about it on cert.org ...

thank you in advance,

Emil Perhinschi

Reply to:

Follow-Ups:
- Re: repeated requests for a file favicon.ico
  - From: harry_b@mm.st
- Re: repeated requests for a file favicon.ico
  - From: Michelle Konzack <linux4michelle@freenet.de>
- Re: repeated requests for a file favicon.ico
  - From: Steve Kemp <skx@debian.org>
- Re: repeated requests for a file favicon.ico
  - From: Daniel Pittman <daniel@rimspace.net>
- Re: repeated requests for a file favicon.ico - log
  - From: Alvin Oga <aoga@ns.Linux-Consulting.com>

Prev by Date: Re: [SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
Next by Date: Re: repeated requests for a file favicon.ico
Previous by thread: Re: [SECURITY] [DSA 558-1] New libapache-mod-dav packages fix potential denial of service
Next by thread: Re: repeated requests for a file favicon.ico
Index(es):
- Date
- Thread