Authen::Captcha and GD::SecurityImage are two of the modules that do this. You may find code posted at Re: Authen::Captcha Segmentation Fault Under mod_perl useful. Related threads are Image Verification Program and Code to Block Scripts/Harwesters (GD based?)

There are issues with the visually impaired that bear thinking about. Another approach (can be complementary) is to log access time and IP and limit each IP to so many accesses per minute/hour/day as applicable. Like capthchas this too has some issues, most notably with lots of users behind one proxy. You can make life very hard for screen scrapers using bot tools with creative use of redirects, small javascript widgets and cookies. These measures may cause issues with the search engines which is yet another consideration.