I think before you start to learn a tool like metasploit, you better be able to lock down your own box. There's no point in using a tool like metasploit, if you don't know how it works. From looking at your posts, you need to spend more time learning about basic networking. Then maybe once you get a good handle on that, you can start to learn about application security issues. There's a bunch of good books you can buy, but you don't seem interested in learning anything (just having people spoon feed you), so I won't waste my time listing them.