Many tools are available to perform FTP brute-force password-guessing attacks. As discussed earlier, Hydra is a Unix-based brute-force utility for FTP, POP3, IMAP, HTTP, LDAP, and many other services; Brutus is a similar Windows tool. The tools are available at:[1]
[1] URLs for tools in this book are mirrored at the O'Reilly site, http://examples.oreilly.com/networksa/tools.