Serveral host broadcasting to port 1434

[the_loser55 () hotmail com]

Hello,

I've just started playing with snort rules and created a new rule for the internal network that would grab any traffic 
on port 1434 "Microsoft-SQL-Monitor". The rule is now running and I see several desktop PC's sending out traffic to 
destination 255.255.255.255 port 1434. So my question is are these desktops compromised. I've seen references to a 
MS-SQL worm with activity like this. Any thoughts would be much appreciated.

Thanks