As far as I'm aware I don't have any un-secure ports.
Everyone has unsecured ports, that's how you access the goobs; 80, 443, 25, 143 to name a few. Regardless, 99.9% of us use NAT by default in this day, so unsolicited external gets are nothing to worry about (note use of the word unsolicited). It becomes tricky when you run services on those ports like a mail or web server, because they solicit on your behalf.
Those UDP loops attempting to access port 19 look like a classic Chargen DDoS attempt, probably undertaken by nOOb script kiddies, and your IP was probably on a list they obtained from torrent networks. Shows their skills, Chargen is about as common as the Tassie Tiger these days and not native to Windows. They would have been better off seeing if you still run default ports for various torrent clients, cause most people never take the time to change them to something obscure.
On one of our public ip's we observer on average 10 attempted RDP connections per minute attempting to brute force, using common usernames passwords such as admin / admin , test / test. I have personally seen attacks be successful due to terrible account naming.
You have mstsc exposed to the Internet? Sounds like a nightmare in the making. Those attacks are always successful when it's someone who knows what they're doing cause Windows is about as secure as a house with no doors.