In my server logs I noticed continual requests for favicon.ico which is delivered as code 200 (OK).

I guess that this is a form of denial of service attack? To slow down the server, max out CPU, pollute stats etc.

Instead of an IP address in Apache Server logs I have something like:

But my firewall needs me to enter an IP address into a list of banned IPs.

Any tips on how to block this parasite?