Skype insecure

I was reading about Ekiga (Linux VoIP application) at LWN and stumbled across this mention of Skype:

Worth mentioning is the proprietary Skype protocol, which has some serious security implications, according to what researchers presented (PDF) at the Black Hat Europe 2006 conference. Skype clients can be abused for the purpose of port scanning, distributed Denial of Service (DDoS) attacks and other unpleasant things.

The PDF says that although the Skype technology is clever, it is "Impossible to protect from attacks".

LWN reader "tajyrink" says that Skype "works around [NAT] by being a P2P program, not just a VoIP program, by using ruthlessly the bandwidth of other users even without them knowing about it."