CentOS – Troubleshoot Strange SSHD Log Message Every Minute

my linux box just got this error messages every minutes in /var/log/secure

Jun 14 04:24:28 mybox sshd[19741]: Connection closed by 127.0.0.1
Jun 14 04:25:28 mybox sshd[19764]: Connection closed by 127.0.0.1
Jun 14 04:26:28 mybox sshd[19770]: Connection closed by 127.0.0.1
Jun 14 04:27:28 mybox sshd[19776]: Connection closed by 127.0.0.1
Jun 14 04:28:28 mybox sshd[19782]: Connection closed by 127.0.0.1
Jun 14 04:29:28 mybox sshd[19789]: Connection closed by 127.0.0.1

it was centos 5.2 x86_64 with OpenSSH_4.3p2, the sshd port is not set as default, i'd used different port,
i tought it was some bad programm did some brute force ssh attck from inside (lo).
i had try to put sshd: 127.0.0.1 in /etc/hosts.deny, and then the messages changed now,

Jun 14 12:45:54 mybox sshd[25736]: refused connect from ::ffff:127.0.0.1 (::ffff:127.0.0.1)
Jun 14 12:45:59 mybox sshd[25701]: Received signal 15; terminating.
Jun 14 12:46:00 mybox sshd[25761]: Server listening on :: port 5522.
Jun 14 12:46:00 mybox sshd[25761]: error: Bind to port 5522 on 0.0.0.0 failed: Address already in use.
Jun 14 12:47:01 mybox sshd[25767]: refused connect from ::ffff:127.0.0.1 (::ffff:127.0.0.1)
Jun 14 12:47:06 mybox sshd[25761]: Received signal 15; terminating.
Jun 14 12:47:07 mybox sshd[25792]: Server listening on :: port 5522.
Jun 14 12:47:07 mybox sshd[25792]: error: Bind to port 5522 on 0.0.0.0 failed: Address already in use.
Jun 14 12:54:19 mybox sshd[25881]: error: Bind to port 5522 on 0.0.0.0 failed: Address already in use.
Jun 14 12:54:19 mybox sshd[25881]: fatal: Cannot bind any address.

does anyone got this issue before ? how can i analyze this things..