I consider myself somewhat technologically abled but working with Incredible PBX, VPSs, and networking definitely is getting my hands dirtier than I thought it would. I have several endpoints that have dynamic IPs and it's not really feasible to have them connect through a VPN. (1) I am considering disabling knockd, changing my SSH port, and using fail2ban as the only means of security (with the obviously super long and complex password). Is this a horrible idea? (2) Additionally, I've been having difficulty disabling or removing knockd. When I disable it as a service, upon restarting the VPS, it needs to be re-enabled again, before I'm able to connect to it. (3) Lastly, I've been trying to grasp the difference between a regular SIP provider and a SIP trunk provider. It seems as though they're the same thing, no? Any help or input on any of the above is certainly appreciated. Thanks.