Hello ppl, my first post here. Wondering if anyone else on woosh has noticed outgoing and incoming connections to 202-74-205-41.woosh.co.nz? lately we started noticing connections to 202.74.205.41(42,and 43) (using tcpview) while trying to connect to certain web addresses or update virus defs.

So, we blocked the range and called woosh about it. The csr asked me to send some logs for confirmation. i sent the logs and they got back to me saying it appears to be a security breach and that they have contacted the person responsible and blocked the said address at their end and that i should have no problems now.

After i got home and logged on connections were still being made at teh same address, so i called woosh again and another csr told me that the person trying to hack me was from another isp, but then he slipped up and said they sent this person a letter to warn them. i said "Sent a letter?" and he "Oh yeah, he must be a customer of ours". Then he put me on hold while speaking to a technician, came back and said that it will be sorted within a couple days and that it was under investigation by techs.

So i left it at that. Later that day a tecnician from woosh called back and said that they determined that it was actually a new upgrade they made to their network that was responsible for the connections and that certain data would now be coming through akaimai?? and going through said address range and that it was okay for me to unblock it.

Checked our system out using virus/rootkit scans (kaspersky, nod32, sophos, spybot, a2 etc), came up with nothing.

Has anyone else here noticed these connections or have any insight into this?

I feel like i was sent around the loop, but i dont know what else i can do. Any feedback would be much appreciated. Cheers.