2011
03:14

Since we sometimes receive feedback that the term "DDOS" is wrong for a single IP address, here is a brief explanation of why the name is correct:

ApacheDDOS:


A single domain or IP address is accessed by many different IP addresses (DDoS). These are identified and blocked with fail2ban based on certain characteristics, such as a specific user agent (Firefox 1.x, 2.x) or very frequent requests for a specific URL (domain.tld / file-...-nicht.txt).
By default, we report these after more than 4 requests.
From the perspective of the recipient of the reports, it looks like a DOS (after all, only one IP was reported). From the perspective of the affected server, it is of course a DDOS.

Dear recipient of an ApacheDDOS report: please check the clients, as they are infected with a trojan and are part of a botnet.


BadBots:


These are IP addresses that spam honeypot forums, honeypot wikis or honeypot domains that have a guest book or comment feature, creating entries with various URLs (buy Viagra ....).
Many of these comments are made manually via a VPN service provider.
And yes, a comment on a blog such as:
[url=http://www.tramadol2011.co.cc]morphine tramadol dosage equivalent[/url]
[url=http://www.tramadol2011.co.cc/link/tramadol/1_pharma.html][img:61396c6b8b]http://www.tramadol2011.co.cc/img0/tramadol/1_pharma.png[/img:61396c6b8b][/url]

[url=http://www.tramadol2011.co.cc/link/tramadol/2_pharma.html][img:61396c6b8b]http://www.tramadol2011.co.cc/img0/tramadol/2_pharma.png[/img:61396c6b8b][/url]

[url=http://www.tramadol2011.co.cc/link/tramadol/3_pharma.html][img:61396c6b8b]http://www.tramadol2011.co.cc/img0/tramadol/3_pharma.png[/img:61396c6b8b][/url]

is just as bad as SPAM!


postfix:


These are reported after they have already triggered multiple 5xx messages.
If a mail server does not understand hard errors such as the following, it is either configured incorrectly or it is a bot:
Mar 13 10:14:03 server5 postfix/smtpd[27364]: NOQUEUE: reject: RCPT from unknown[211.147.3.74]: 554 5.7.1 Service unavailable; Client host [211.147.3.74] blocked using xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=211.147.3.74; from=<anwalttzv @gmx.de> to=<info@domain.tld> proto=SMTP helo=<gmx.de>
And even though this rejection prevented the spam mail from being accepted, the PC / server is still infected and will send spam mail to another server that does not use spamhaus.org!
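
The counting described in this section, as an added example that is not the blocklist's own filter: it parses postfix/smtpd reject lines in the format shown above, ignores temporary 4xx replies, and returns the client IPs with repeated 5xx rejections. The threshold of 3, the function names and all log lines other than the one quoted above are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Permanent (5xx) rejections logged by postfix/smtpd; 4xx replies do not match.
REJECT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: NOQUEUE: reject: \w+ from "
    r"(?P<host>[^\s\[]+)\[(?P<ip>[0-9a-fA-F.:]+)\]: (?P<code>5\d\d) "
    r"(?P<dsn>\d\.\d+\.\d+) (?P<reason>.*?);"
)
DNSBL_RE = re.compile(r"blocked using (?P<zone>[\w.-]+)")

def parse_reject(line):
    """Return the fields of a 5xx reject line, or None for any other line."""
    m = REJECT_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    zone = DNSBL_RE.search(line)
    rec["dnsbl"] = zone.group("zone") if zone else None
    return rec

def hosts_to_report(lines, threshold=3):
    """Map client IP -> number of 5xx rejects, for IPs at or above threshold.

    threshold=3 is an assumed value; the page only says "multiple".
    """
    counts = Counter()
    for line in lines:
        rec = parse_reject(line)
        if rec:
            counts[rec["ip"]] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

# The log line quoted on the page.
PAGE_LINE = (
    "Mar 13 10:14:03 server5 postfix/smtpd[27364]: NOQUEUE: reject: RCPT from "
    "unknown[211.147.3.74]: 554 5.7.1 Service unavailable; Client host [211.147.3.74] "
    "blocked using xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=211.147.3.74; "
    "from=<anwalttzv @gmx.de> to=<info@domain.tld> proto=SMTP helo=<gmx.de>"
)

def _line(ip, code, dsn, reason):
    # Constructed sample line using documentation-range addresses.
    return (f"Mar 13 10:15:00 server5 postfix/smtpd[100]: NOQUEUE: reject: RCPT from "
            f"unknown[{ip}]: {code} {dsn} {reason}; from=<a@example.org> "
            f"to=<info@domain.tld> proto=SMTP helo=<example.org>")

SAMPLE_LOG = ([PAGE_LINE]
              + [_line("203.0.113.9", "554", "5.7.1", "Service unavailable")] * 3
              + [_line("198.51.100.20", "450", "4.7.1", "Client host rejected")] * 2
              + [_line("198.51.100.20", "550", "5.1.1", "Recipient address rejected")])

if __name__ == "__main__":
    print(hosts_to_report(SAMPLE_LOG))
```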


regbot:


These are IP addresses that register automatically (by robot) on some honeypot forums.

The pages state in an h2 heading that all registrations and postings are reported. Most of the IP addresses are also listed at http://stopforumspam.com, and they are passed on to SFS.

1 Comment

  1. And where's the rest, P
