I would start by running a syn scan against ports 80 and 21, hoping to recieve a syn/ack packet, indicating a tcp service is listning on them ports, if indeed one is, your scanner should reply with what type of service is offered, FTP etc. Nmap will have a good go at profiling the system, O.S etc, how ever if it does not, then I would look for tell tale signs within the scan, (thats however another lesson altogether). For arguments sake lets say that port 80 did have a tcp service running and that you now know its a win box.
Time to enumerate the box (so has you know what exploit to use) use what ever tool you want but netcat should work. Just netcat to the ip address and port using no extra switches, use the GET command followed by some nonsense ie GET pongomongo, the system will reject the command and. send back its information.
Now we have the info we need, ie the server and its O.s. we choose the appropriate exploit from metasploit (which in your case is a reverse shell) thats pretty much it unless you wanna start coding your own exploits, (a waste of time as metasploit contains an abundance of them, of course if you wanted to attack the server without triggering any alarms you would have to code everything yourself, but hey its YOUR BOX so thats not a problem)