[plingbang]

Combined with IP source address spoofing, it would probably help greatly with DDoS amplification attacks while only saving up <50% packets for good users.

If you care about time rather than packet count, you can send packets with all reasonable TTL values at once.

[kazinator]

Oh no question; the amplification is concerning. Send one packet, get 19 responses, versus having to send 19 packets to get 19 responses: it's a "gain" of 19 to 1.