Hi

littlenick, thanks for your nice explanation of a brute force attack on a server with
a known username. It already has been discussed in this thread. Now, people try
to discuss how to gain information about what damage has been done to the
compromised system. Another unknown/topic is, how a "simple" ftp-user gains
root-access to the box (edit: well, and whether it really was a brute-force attack
or rather an exploit, but the log-files points to a brute-force attack using a dictionary,
hence the password of rootbeer was rather weak).

As per your question how long it would take to brute force a password.
Assume an "alphabet" consisting of approximatively 25 character (a-z)
and a password of length l, e.g. 8

Then, you have 25^l possibilities to brute force.

A 100% succesfull brute force attack using n nodes (e.g. 100)
and an assume average "check" of login/password of 10ms (rather low)

duration = 25^8 / 100 * 10 ms = 175 days...

Cheers