How to do it...

Follow along to gather banner information using Netcat:

  1. To use Netcat to grab service banners, one must establish a socket connection to the intended port on the remote system. To quickly understand the usage of Netcat and how it can be used for this purpose, one can call upon the usage output. This can be done using the -h option:
  2. By reviewing the various options available for this tool, we can determine that a connection can be made to the desired port by specifying the options, followed by the IP address and then the port number:
  3. In the example provided, a connection has been made to port 22 of the Metasploitable2 system at 172.16.69.128. The -v option was used to provide verbose output, and the -n option was used to connect with the IP address without DNS resolution. Here, we can see that the banner returned by the remote host identifies the service as SSH, the vendor as OpenSSH, and even the exact version as 4.7. Netcat maintains an open connection, so after reading the banner, you can force the connection to close with Ctrl + C:
  4. By performing a similar scan on port 21 of the same system, we can easily acquire service and version information of the running FTP service. In each of these cases, a lot of useful information is divulged. Knowledge of the services and versions running on a system can often be a key indicator of vulnerabilities, which can be used to exploit and compromise the system.
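The steps above read the banner by eye. As an added example (not code from the book), the script below captures the first line a service sends and splits it into service, product and version, so you can record which of your own hosts disclose an exact version. The function names and the sample banners in the comments are constructed for illustration, and the -w timeout is an assumption added here so that Netcat exits on its own instead of waiting for Ctrl + C.

```shell
#!/bin/sh
# Added example: classify a service banner captured with Netcat.

# grab_banner HOST PORT: print the first line the service sends on connect.
# -n skips DNS resolution (as in the recipe); -w 3 stops after 3 idle seconds.
grab_banner() {
    nc -n -w 3 "$1" "$2" </dev/null 2>/dev/null | head -n 1 | tr -d '\r'
}

# parse_banner LINE: print "service|product|version".
# Handles the SSH identification string "SSH-<proto>-<software> [comment]"
# and FTP "220" greetings, which are free text.
parse_banner() {
    line=$(printf '%s' "$1" | tr -d '\r')
    case "$line" in
        SSH-*-*)
            sw=${line#SSH-*-}        # drop "SSH-<proto>-"
            sw=${sw%% *}             # drop the optional comment
            product=${sw%%_*}        # e.g. OpenSSH (constructed sample)
            version=${sw#*_}         # e.g. 4.7p1   (constructed sample)
            [ "$product" = "$sw" ] && version=unknown
            printf 'ssh|%s|%s\n' "$product" "$version"
            ;;
        "220 "*|220-*)
            text=${line#220?}
            version=$(printf '%s\n' "$text" | grep -Eo '[0-9]+(\.[0-9]+)+' | head -n 1)
            printf 'ftp|unknown|%s\n' "${version:-unknown}"
            ;;
        *)
            printf 'unknown|unknown|unknown\n'
            ;;
    esac
}

# discloses_version LINE: succeed when the banner reveals a version string.
discloses_version() {
    case "$(parse_banner "$1")" in
        *'|unknown') return 1 ;;
        *) return 0 ;;
    esac
}

# Usage: sh banner.sh HOST PORT   (the script name is hypothetical)
if [ "$#" -eq 2 ]; then
    banner=$(grab_banner "$1" "$2")
    printf '%s:%s %s\n' "$1" "$2" "$(parse_banner "$banner")"
fi
```

A result ending in a concrete version marks a service whose banner should be reviewed; a result ending in unknown means the banner gave no version away.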