What is favicon.ico???

Greetings;
My redhat 7.3 server's access_log file (and error_log) both record users
trying to find a file called favicon.ico. I expect this might be some kind
of "hijacking" attempt. Others try and find blogs and php files that I
don't run.
Is this a security attempt at my machine?
Thanks for replies.
Doug

On Sun, 18 Dec 2005 15:13:48 GMT, Doug Holtz NOSPAM in adress wrote:
> Greetings;
> My redhat 7.3 server's access_log file (and error_log) both record users
> trying to find a file called favicon.ico.

On my Mandriva linux box I find
$ locate favicon.ico
/var/www/html/favicon.ico
/usr/share/doc/apache-doc-2.0.54/images/favicon.ico
/usr/share/webmin/favicon.ico
/usr/lib/scribus/doc/en/favicon.ico

> I expect this might be some kind of "hijacking" attempt.

I wouldn't. I would guess a grep through your files might turn up
where it attempts to load it.

Bit Twister wrote:
> On Sun, 18 Dec 2005 15:13:48 GMT, Doug Holtz NOSPAM in adress wrote:
>
>>Greetings;
>>My redhat 7.3 server's access_log file (and error_log) both record users
>>trying to find a file called favicon.ico.

Did you try Google?

I got about 340 000 hits, with some of the first
correct and informative.

(No - it's not anything evil).

--

Tauno Voipio
tauno voipio (at) iki fi

Doug Holtz NOSPAM in adress wrote:
> Greetings;
> My redhat 7.3 server's access_log file (and error_log) both record users
> trying to find a file called favicon.ico. I expect this might be some kind
> of "hijacking" attempt. Others try and find blogs and php files that I
> don't run.
> Is this a security attempt at my machine?
> Thanks for replies.
> Doug
>
>

as far as I understand (and remember) it is a file with a gif (or
something like that) that is used by the browser to display an icon near
the bookmarked site (e.g. firebox displays the icon on the left side of
a bookmarked site in the bookmark sidebar.

Hope this helps, Mario

In article <cufpf.12073$(E-Mail Removed)>,
Mario <(E-Mail Removed)> wrote:
>Doug Holtz NOSPAM in adress wrote:
>> Greetings;
>> My redhat 7.3 server's access_log file (and error_log) both record users
>> trying to find a file called favicon.ico. I expect this might be some kind
>> of "hijacking" attempt. Others try and find blogs and php files that I
>> don't run.
>> Is this a security attempt at my machine?
>> Thanks for replies.
>> Doug
>>
>>
>
>as far as I understand (and remember) it is a file with a gif (or
>something like that) that is used by the browser to display an icon near
>the bookmarked site (e.g. firebox displays the icon on the left side of
>a bookmarked site in the bookmark sidebar.
>
>Hope this helps, Mario

This looks like a good discussion, with links to other resources.

http://en.wikipedia.org/wiki/Favicon


I have a free plug-in to make favicons in my Photoshop and if I had
any artistic taste I could make them. I'll bet GIMP can make them.




--
a d y k e s @ p a n i x . c o m

Don't blame me. I voted for Gore.

On Sun, 18 Dec 2005 15:13:48 +0000, Doug Holtz NOSPAM in adress wrote:

> Greetings;
> My redhat 7.3 server's access_log file (and error_log) both record users
> trying to find a file called favicon.ico. I expect this might be some
> kind of "hijacking" attempt. Others try and find blogs and php files
> that I don't run.
> Is this a security attempt at my machine? Thanks for replies. Doug

Doug,

What you are in your logs are a missing image/file not found entry. It is
not a security issue or hack attempt.

The favicon.ico is that tiny graphic that appears next to the URL in the
address bar (such as that blue "G" when you go to www.google.com) of your
browser. It also appears in your browser's bookmark listing, next to the
name of the site in the list.

All current web browsers are configured to request the favicon.ico image
when it goes to a page on a site. By default it assumes the image is
named favicon.ico & resides in the public-html folder.

The graphic format is similar to that of a Windows BMP image. There are
sites where you can convert a BMP to an ICO image. However you can
easily use GIMP to make an favicon.ico file for your site.

To fix your issue, just do the following:

-- Create an image in GIMP that is 16x16 pixels or 32x32 pixels.

Notes:
* Old browsers may only support the 16x16 size.
* Current browsers [such as IE 5/6 & Firefox] support both sizes.
* Your image may contain a transparent background.

-- When you are ready to save it, use the 'Save As' option from the 'File'
menu.

-- Name your file "favicon.ico" & under the format section select the
".ico" extension

-- upload your favicon.ico image to your server & place it in the
public-html folder of your site

-- then add the following line of HTML code to the head section of all
your web pages. (of course replace the domain with your real one)

<LINK rel="shortcut icon" href="http://www.yourdomain.com/favicon.ico">

That is all there is to it. When you do it this way, both the old
browsers & the newer browsers will find that image in the same location.
This will also remove the annoying 404 file not found errors in
your server's logs.

I hope this helps...

James;

WOW. What an answer. Thank You.

I appreciate all the answers I got, but yours represents a challenge to me.
I will definitely try this, as I hate all the log lines of "Unable to find
favicon" in the error_log.

Have a great holiday.

Doug
"James T." <turajb@_NOSPAM_hoflink.com> wrote in message
newsan.2005.12.18.16.05.43.841250@_NOSPAM_hoflin k.com...
> On Sun, 18 Dec 2005 15:13:48 +0000, Doug Holtz NOSPAM in adress wrote:
>
>> Greetings;
>> My redhat 7.3 server's access_log file (and error_log) both record users
>> trying to find a file called favicon.ico. I expect this might be some
>> kind of "hijacking" attempt. Others try and find blogs and php files
>> that I don't run.
>> Is this a security attempt at my machine? Thanks for replies. Doug
>
> Doug,
>
> What you are in your logs are a missing image/file not found entry. It is
> not a security issue or hack attempt.
>
> The favicon.ico is that tiny graphic that appears next to the URL in the
> address bar (such as that blue "G" when you go to www.google.com) of your
> browser. It also appears in your browser's bookmark listing, next to the
> name of the site in the list.
>
> All current web browsers are configured to request the favicon.ico image
> when it goes to a page on a site. By default it assumes the image is
> named favicon.ico & resides in the public-html folder.
>
> The graphic format is similar to that of a Windows BMP image. There are
> sites where you can convert a BMP to an ICO image. However you can
> easily use GIMP to make an favicon.ico file for your site.
>
> To fix your issue, just do the following:
>
> -- Create an image in GIMP that is 16x16 pixels or 32x32 pixels.
>
> Notes:
> * Old browsers may only support the 16x16 size.
> * Current browsers [such as IE 5/6 & Firefox] support both sizes.
> * Your image may contain a transparent background.
>
> -- When you are ready to save it, use the 'Save As' option from the 'File'
> menu.
>
> -- Name your file "favicon.ico" & under the format section select the
> ".ico" extension
>
> -- upload your favicon.ico image to your server & place it in the
> public-html folder of your site
>
> -- then add the following line of HTML code to the head section of all
> your web pages. (of course replace the domain with your real one)
>
> <LINK rel="shortcut icon" href="http://www.yourdomain.com/favicon.ico">
>
> That is all there is to it. When you do it this way, both the old
> browsers & the newer browsers will find that image in the same location.
> This will also remove the annoying 404 file not found errors in
> your server's logs.
>
> I hope this helps...

Thanks to all who replied. I have learned more again

Doug

"Doug Holtz NOSPAM in adress" <(E-Mail Removed)> wrote in message
news:M0fpf.5922$(E-Mail Removed)...
> Greetings;
> My redhat 7.3 server's access_log file (and error_log) both record users
> trying to find a file called favicon.ico. I expect this might be some
> kind of "hijacking" attempt. Others try and find blogs and php files that
> I don't run.
> Is this a security attempt at my machine?
> Thanks for replies.
> Doug
>