Honeypots mailing list archives

honeyd and logging problem


From: "Andy Woods" <andywoods () mail com>
Date: Thu, 11 Mar 2004 09:58:38 -0500

3 problems/questions...

1) I am running honeyd 0.8 on a Gentoo Linux platform and I am unable to log any data with the -l command line switch.  
Honeyd is run with 'honeyd -d -p nmap.prints -f honeyd.conf -a nmap.assoc -l /apps/logfile 192.168.1.10'... I've 
touched the file, and the verbose output from honeyd does open the file "honeyd_logstart: fopen("/apps/logfile")", but 
there is no data logged when I ping the box from another machine (not the virtual honeypot machine), nmap scan it, or 
connect to the honeypot through a telnet service I set up.  Any suggestions?

2) I'm using the stock nmap and xprobe files and when I nmap a virtual machine I set up, I'm unable to detect the 
OS.  Nmap spits out the TCP/IP fingerprint that it finds.  I've set up a basic Linux and Cisco router that's been used 
in the forums and other documentation.

create linux
set linux personality "Linux 2.4.16 - 2.4.18"
set linux default tcp action reset
set linux default udp action reset
add linux tcp port 1000 "sh scripts/pop/emulate-pop3.sh"
add linux tcp port 21 "sh scripts/ftp.sh"
bind 192.168.1.10 linux

3) When I run honeyd I receive a warning of
"Warning: Impossible SI range in Class fingerprint "IBM OS/400 V4R2MO"
"Warning: Impossible SI range in Class fingerprint "Microsoft Windows NT 4.0 SP3"

Wondering where this is coming from.... Haven't played around with the fingerprint files at all.  

Any suggestions would be greatly appreciated. 
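
A sanity check related to question 2, as an added example that is not part of the original post or of honeyd: it lists every personality named in a honeyd configuration that has no identically named Fingerprint entry in the file passed with -p. The sample file contents are constructed, and exact-name matching is an assumption of this example.

```python
import re
import sys

# Constructed sample inputs (not the poster's actual files).
SAMPLE_CONF = '''create linux
set linux personality "Linux 2.4.16 - 2.4.18"
set linux default tcp action reset
create router
set router personality "Cisco IOS 11.3 - 12.0(11)"
bind 192.168.1.10 linux
'''
SAMPLE_PRINTS = '''# constructed excerpt in the nmap OS fingerprint file layout
Fingerprint Linux 2.4.16 - 2.4.18
Class Linux | Linux | 2.4.X | general purpose

Fingerprint Cisco 7200 router running IOS 12.1
Class Cisco | IOS | 12.X | router
'''

# Matches: set <template> personality "<name>"
PERSONALITY_RE = re.compile(r'^\s*set\s+(\S+)\s+personality\s+"([^"]*)"\s*$')

def fingerprint_names(prints_text):
    """Return the set of names declared on 'Fingerprint <name>' lines."""
    prefix = "Fingerprint "
    return {line[len(prefix):].strip()
            for line in prints_text.splitlines() if line.startswith(prefix)}

def unmatched_personalities(conf_text, prints_text):
    """Return (line number, template, personality) for each personality
    with no identically named Fingerprint entry (assumed exact match)."""
    known = fingerprint_names(prints_text)
    missing = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # skip comment lines
        m = PERSONALITY_RE.match(line)
        if m and m.group(2) not in known:
            missing.append((lineno, m.group(1), m.group(2)))
    return missing

if __name__ == "__main__":
    # Usage: check.py honeyd.conf nmap.prints (falls back to the samples)
    if len(sys.argv) == 3:
        conf, prints = (open(p).read() for p in sys.argv[1:3])
    else:
        conf, prints = SAMPLE_CONF, SAMPLE_PRINTS
    for lineno, template, name in unmatched_personalities(conf, prints):
        print(f'line {lineno}: template {template}: no fingerprint "{name}"')
```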

