I've installed the 3 mods as suggested (Mod http:BL, Stop Forum Spam and Bad Behaviour) and the three together are blocking a huge amount of malicious activity.
However, I'm still getting a lot of users being logged out.
Looking at the user log, a lot of the IPs involved are present on the Stop Forum Spam database, but the SFP mod only blocks them if they try to register, not if they try to login.
Can anyone suggest any other way to block these IPs or even a mod that makes banning them from the user log faster?