Below are screenshots from a packet capture from Wire Shark. We have two managed switches that are currently set to shutdown any suspected port of a DOS attack. We have witnessed the switch shutting down the WAN port numerous times. If we disable the DOS port check in the switches than eventually our ISP will shutdown our internet service.
We began by blaming malware for this and have done numerous scans of every desktop with multiple products and have found no infections.
The UDP packets that are outbound have check sum errors and the Inbound UDP packets are fine.