What is smbclient?

smbclient (samba) is a computer (usually windows) network protocol, associated with netbios.
Any Window Boxes on your network?
Are you running filesharing?

Message was edited by: nerowolfe

See this page for the manual pages for smbclient.

smbclient is a Unix process that communicates with the Samba server. You don't need to be running Windows as most Linux distros also use a Samba server/client to communicate on Windows networks. What you are seeing may be caused by your VirtualBox VM.

HandyMac wrote:
Thanks for the info, though I'm afraid it's rather beyond my level of expertise.

It's possible that it was a probe from the internet. If you are connected directly to the internet or do not have a router with NAT or a good firewall, these probes, usually for the infamous winders port 139 (netbios) may get through to your computer but they are harmless. If they are getting through, however, it does show that you may have open port(s).
All my ports are set to stealth.
Check your computer firewall settings and also log into your router and check the settings there as well.

Message was edited by: nerowolfe

Although it may not be running now it may have initiated the process during installation or when you first installed your Windows client. Like with Parallels and VM Fusion the networking extensions are run at boot up whether the VM is active or not.

It's easy enough to verify by asking VirtualBox tech support. It may even be in the documentation if you're willing to read through most of it.

If I got a Leopard Why would I need a Family Pack?? What is the difference to a Single Pack? I do though want accounts on the computer not just one account username!

You are threadjacking. Please post your question as a separate topic in the appropriate forum.

I'm having a similar issue. Little Snitch pops up to tell me that:
"Finder via smbclient wants to connect to 5.68.250.83 on TCP port 139 (netbios-ssn)"
The connection is established by: "/usr/bin/smbclient" with the Process ID of 426
The PArent Application is: "/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder" with a Process ID of 218

Can anyone provide any enlightenment as to what is going on. Why does Mac OS Finder need to make this connection? I have no applications running.
Should I tell Little Snitch to deny these 'smbclient' connections forever? Or will that break some part of my Mac OS. I am running Time Machine over my wireless network using a Time Capsule. But I don't remember these messages popping up while I was setting up Time Machine, so I can't beleive this is the cause.

Any help would be wildly appreciated!

A.

I ran into this same problem. I was on a hotel network and I would get a Little Snitch alert asking me to allow smbclient to connect to some IP. Looking at the process it was being launched by Finder. When I killed and had Finder relaunch, it would do it again.

So, I ran trusty dtrace and found that Finder basically runs what is equivalent to nmblookup -M -- -. This queries the local network for master browsers. One of the IPs listed was the IP that smbclient was trying to connect to. So if you run that nmblookup from the Terminal you should see the IP that Little Snitch is warning you about.

There's nothing to worry about. It appears to be normal SMB service discovery stuff.

Hope this helps!

John

Do you have File Sharing turned on, and when you go into the Sharing preference and click the Options for File Sharing, is "Share files and folders using SMB" on? That would activate a lot of SMB code.

Because I can't find any SMB processes running in my Activity monitor, but I switched off SMB sharing a long time ago and never turn it on.