Wormbo's Homepage
Anti TCC

Release 1.18c for UT2004, Copyright 2003-2004 by Wormbo

If you have any problems with Anti TCC, please post in Wormbo's Area .

Contents


Description

Anti TCC is a mutator designed to perform a more detailed check of various packages and clientside settings. Its main goal in UT2003 was to detect SET command cheats, the so-called temporary console commands or "TCCs". This type of check plays only a minor role in Anti TCC for UT2004 though, since Epic turned on the masterserver feature which keeps out SET command users.


Targets

This release targets the following cheats and potentially unwanted actions:

  • Skin hacks and the external bots that use them
  • Generic checking or disallowing of any file or package
  • Unsecure client-side classes
  • Faster weapon switching with the ThrowWeapon command (only v3236 servers and earlier)
  • 'Flying Leviathan' exploit (only v3186 servers)
  • Invalid render settings (foghack on ONS-Dawn on v3186 servers, high texture mipmap bias)
  • Ingame chat spam
  • Abuse of the SetName command
  • Abuse of text color codes (only v3204 servers and earlier)
  • Server crash attempts (for v3236 and earlier)
  • certain types of UnrealScript hacks
  • Temporary Console Commands (same way as the masterserver detects it, only faster and without masterserver connection)

Anti TCC does notcheck for the following:

  • Speed Hacks (the occasional speed warning is a UT2004 feature)

Installation

The ZIP archive you downloaded contains 8 files:

AntiTCC118c.u
The main package file for Anti TCC.
AntiTCC118c.ucl
Tells UT2004 about the Anti TCC mutator.
AntiTCC118c.int
Tells UT2004 about the Anti TCC commandlets.
AntiTCC118c.u.uz2
A compressed version of AntiTCC118c.u. This file should be uploaded to a redirect server. (only if your server uses redirected downloads )
AntiTCC118cDefINI.txt
Contains the default INI values. You can add these values to your UT2004.ini file if you feel better, but Anti TCC will use exectly this configuration also if you don't add it.
AntiTCC118cDefINI_Lite.txt
Contains a lightweight configuration of Anti TCC for public servers that want to allow colored nicks and don't need player ID logging.
This preset basically only protects against unknown classes and allowes admins to log in silently.
AntiTCC118cDefINI_League.txt
Contains a special configuration for league servers with extended checks. This is not meant to be used on public servers.
This preset does not allow admins to log in silently and doesn't check for text flood or other things that could be annoying on public servers.
AntiTCC118cDefINI_ManualFullMD5s.txt
This preset disables the built-in FullMD5 checks and manually adds Checks=(...) lines for them instead, so you can easily add new MD5s for them. Use this when a new patch is released and you want to have FullMD5 checks that support all previous official versions as well.
AntiTCC118c.htm
This file.

If you want to redistribute Anti TCC, please keep this ZIP archive unmodified.
This goes especially for you ClanBase admins:Please put this ZIP in your own ZIP file if you really have to distribute Anti TCC with additional default TXTs.
The original download can be found at http://www.koehler-homepage.de/Wormbo/download2k4.html#AntiTCC .

Step 1
You should unzip the archive directly in to your root UT2004 directory with "expand folders" turned on.
This will place all files in your UT2004\Systemsubdirectory except for the last two, which will be placed in UT2004\Help.
Step 2
Open the UT2004\System\UT2004.ini, UT2004\System\Server.ini or whatever main configuration file your server uses.
Step 3
To automatically load Anti TCC all the time find the [Engine.GameEngine] section and add the following lines anywhere in that section:
ServerActors=AntiTCC118c.AntiTCCServerActor
ServerPackages=AntiTCC118c
The ServerPackages line will ensure the Anti TCC package is downloaded by all clients connecting to the server and might also fix some problems with demo recording. The ServerActors entry automatically loads Anti TCC and prevents it from being removed from the mutators list. If you don't want that, don't add it. Instead manually start the Anti TCC mutator through the webadmin interface or the server's startup commandline, e.g.:
ucc server DM-Rankin?game=xGame.xDeathmatch?mutator=AntiTCC118c.MutAntiTCCFinal,xGame.MutVampire
Note:You don't need to add the ServerPackages entry. In the unpatched version of UT2004, Anti TCC will add the entry manually and in later versions the entry will not be neccessary for regular playing anymore.
IMPORTANT:You really should remove the UTSecureServerActor and also any references to older versions of UTSecure or AntiTCC. Anti TCC and UTSecure will NOTwork together and Anti TCC will try to get rid of the UTSecureServerActor on its own. Also, Anti TCC will not work together with the SafeGame security mutator by Cruicky.
Step 4
Optionally you can add the changes found in AntiTCC118cDefINI.txt (or one of the other default configurations included in the Anti TCC ZIP archive) to the end of your INI file. The default settings provide good protection already, so if you only want change things through the webadmin, you can skip this step. Anti TCC will automatically write the default [AntiTCC118c.MutAntiTCCFinal] and [AntiTCC118c.AntiTCCSecurity] sections to your servers INI file.
Note:You shouldn't add UPL, UCL or INT files to Anti TCC's list of file checks. The default skins stored in UPL files are checked seperately through Anti TCC's skin checks.

Make sure Anti TCC works properly by connecting to your server. The client console should display something similar to the following example.

==================================================
 Anti TCC v1.18c build 2004-09-23 00:35
 Copyright (c) 2003-2004 Wormbo
==================================================

 * Your unique ID is [ 01234567-89abcdef-01234567-89abcdef ]
 * Player ID logging is enabled
 * Check Timeout: 60 seconds
 * Reaction to insecurities: Kick
 * Reaction to blacklisted files and classes: SessionBan
 * Reaction to modified skins: Kick
 * Reaction to invalid render settings: Message
 * Anti TCC is running in single MD5 mode
 * Admins may log in silently
 * Verified AntiTCC118c (default)
 * Verified HumanMaleA (default)
 * Verified HumanFemaleA (default)
 * Verified Jugg (default)
 * Verified Aliens (default)
 * Verified Bot (default)
 * Verified SkaarjAnims (default)
 * Verified XanRobots (default)
 * Verified ThunderCrash (default)
 * Verified Hellions (default)
 * Verified NewNightmare (default)
 * Verified PlayerSkins (default)
 * Verified UT2004PlayerSkins (default)
 * Verified DemoPlayerSkins (default)
 * Verified BrightPlayerSkins (default)
 * Verifying skins...
 * Verifying classes...
You have been validated successfully.
          

When a client connects to an Anti TCC 1.18c server for the first time and you added file blacklist or MD5 checks for files outside the client's UT2004 and WindowsXP Prefetch directories the client will see a message box where he is informed about and has to agree to the check. If he doesn't he will either be locked in spectator mode (if the match already started and there are free spectator slots) or get disconnected.

Everything Anti TCC displays in the client's console is also written to the file AntiTCC_ClientConsoleLog.log in the client's UT2004\UserLogs directory.

You should check the server's log file (usually ucc.log or server.log) for Anti TCC warnings. Anti TCC will tell you if something went wrong or whether your configuration might cause problems. With the default configuration something like this should be logged to the server's main log file (usually server.log, ucc.log or ut2004.log):

AntiTCC: ==================================================
AntiTCC:  Anti TCC v1.18c build 2004-09-23 00:35
AntiTCC:  Copyright (c) 2003-2004 Wormbo
AntiTCC: ==================================================
AntiTCC:  * Preventing Fast Weapon Switching
AntiTCC:  * Admin faker name is 6lw2B (DM-Antalus.PlayerReplicationInfo)
AntiTCC:  * Initializing checks...
AntiTCC:  * Calculating Full MD5 for AntiTCC118c...
AntiTCC:    [ 9ff80ddfc9e1f51cb4b1b009cf45323f / 98E04E8011D90CF830000C8CB7637684 ]
AntiTCC:  * Player IDs are logged to PlayerIDsINI, old IDs are removed after 30 days
AntiTCC:  * Securing PlayerControllers
AntiTCC:  * Logging output to AntiTCC_xDeathMatch_DM-Antalus_2004-09-23_00-37
AntiTCC:    when neccessary

Console Commands

Anti TCC offers some new console commands. They only work ingame and not from the webadmin interface.

Mutate AntiTCC Version
This command displays the Anti TCC version on the client. If you run Anti TCC without mods that replace the PlayerController this command can be shortened to Verinstead of Mutate AntiTCC Version.
Mutate AntiTCC ShowIDs
This command lists the ID hashes of all players connected to the server.
If you run Anti TCC without mods that replace the PlayerController this command can be shortened to ShowIDs .
You can disable this command for normal (non-admin) players by setting the bClientsMayGetIDsconfig property to False. (see Optionsbelow)
Admins will get the player IDs and their IP addresses.
Mutate AntiTCC Whois player name
This command lists a connected player's ID and other names that player has used on this server since ID logging started. Anti TCC will complete partial names, so you don't have to specify the player's full name.
If you run Anti TCC without mods that replace the PlayerController this command can be shortened to Whois .
You can prevent this command from displaying alias names for (non-admin) players by setting the bClientsMayGetNames config property to False. You can disable displaying player IDs through this command by setting the bClientsMayGetIDs config property to False. (see Optionsbelow)
Admins will always see ID and alias names, as well as the player's IP address. The Whoiscommand requires player ID logging to be enabled.
Mutate AntiTCC Whowas player name or ID
This command lists the player IDs who used a specific name and their alias names. When an ID is specified instead of a player name, that ID's alias names are displayed.
If you run Anti TCC without mods that replace the PlayerController this command can be shortened to Whowas .
You can disable this command for (non-admin) players by setting the bClientsMayGetNamesor the bClientsMayGetIDs config property to False. (see Optionsbelow)
The Whowascommand requires player ID logging to be enabled.
Mutate SilentAdminLogin username password
This command allowes you to login as server administrator without broadcasting your admin status. Some admin commands may not be available when logging in like this. Silent admin login is only available when the AccessControlClass in the server ini's [Engine.GameInfo] section is set to xAdmin.AccessControlIni, i.e. when using advanced admin.
If you run Anti TCC without mods that replace the PlayerController this command can be shortened to SilentAdminLogin instead of Mutate SilentAdminLogin.

Configuration

Checks Lists

The following options need to go under the enter [AntiTCC118c.AntiTCCSecurity] in your UT2004.ini file (or whichever ini file configures your server).

Checks The first configuration option is the Checks data set. All of the important data is combined into one entry for each file to check.
The format for the entry is seen here:
Checks=(FName="file",MD5=("0123456789abcdef0123456789abcdef"),MD5Type=0|2,Optional=True|False)
Notice that each sub-field is separated by a comma and mixes string and numeric data.
By default this list is empty because all relevant MD5 checks are hard-coded.
IMPORTANT:Make sure there are no whitespaces in the Checks entries.
The available sub-fields are:
FName
The FName sub-field defines which files you wish to check. How this field is handled is dependant on the MD5Type sub-field below. If you are doing a QuickMD5 or FullMD5 of an Unreal package, then you only need to include the package name (e.g. PlayerSkins, not PlayerSkins.utx).
If you are doing a FullMD5 on a non-packagefile, then you need to include the full filename and also the path to the file if it's not in the UT2004\Systemdirectory. If you specify a path it should be relative to UT2004's System directory, e.g. ..\Speech\BR.xml.
Please keep in mind that not everyone installed the game on their first harddrive and neither Linux nor Mac systems use drive letters, so using absolute paths or paths outside the UT2004 directory generally is a bad idea.
You are free to use slashes or backslashes for paths. Both will work equally on all clients.
MD5
This is the MD5 that Anti TCC will expect to see for this file. Here you will have to supply a comma-seperated list of MD5s. Each must be enclosed in quotes and the whole list must be enclosed in parentheses.
There is a considerable difference between a Quick MD5 and a Full MD5 so make sure you add the appropriate one depending on the MD5Type sub-field.
MD5 hashes are always 32-digit hexadecimal numbers with a-f in lowercase.
MD5Type
This sub-field determines what type of MD5 check to perform.
Possible values are:
0
QuickMD5 checks are much faster as it utilizes the fact that the package is already preloaded by the game. The drawbacks are it only works on UT2004 packages and the package must be loaded by the game.
2
FullMD5 checks can be performed on any file but tend to be slower for larger files.
IMPORTANT:You shouldn't perform checks on UT2004's own .U, .DLL, .UPL or .UCL files or the Packages.MD5 file. These files are likely to change when patches, custom models or mods are installed.
Optional
If this value is set to Trueand the file is either not loaded (in the case of MD5Type 0) or not found (in the case of MD5Type 2) then it will not be considered a bad file.
Important:Always set this to True when using "not allowed" as the MD5.
FileBlacklist The file blacklist can be used to disallow individual files or a range of file names using wildcards, where '*' represents zero or more characters and '?' represents one or no character.
FileBlacklist=DisallowedFilename
Use one FileBlacklist line for each disallowed file. Paths specified here are relative to the client's UT2004\System directory, but if a file name doesn't contain slashes (/), backslashes (\) or dot (.), Anti TCC will look in all of the client's package directories for matching package names.
You should use this instead of an MD5 check with "not allowed" as the MD5 value because it's more efficient.
Certain blacklist files are hard-coded, such as OpenGL32.dll, Entry.dll, den_p1p0-Hack.ini and UnrealGame.dll, as well as known aimbot names.
This blacklist allowes you to check files outside the UT2004 directory, but Anti TCC will ask the client if he agrees to those checks if they look for files outside the Windows XP Prefetch directory.
Note:To disallow files only in specific configuration profiles, put the FileBlacklist=... lines for those files in the profile section instead.

Other Settings

The following options need to go under the enter [AntiTCC118c.MutAntiTCCFinal] in your UT2004.ini file (or whichever ini file configures your server).
They can also be changed from the web admin interface and you can put them in configuration profiles to quickly switch between different configurations.

bAllowClientConsoleMessages Anti TCC displays messages in the client's console and log file about security checks. This option can disable the console messages.
bBroadcastConsoleErrorMessages Enables or disables Anti TCC's red console warning messages stating the reason for a kick. This will not display a client console warning when bAllowClientConsoleMessagesis disabled, but the warning will still be logged in the client's log file.
bMessageBeep Enables or disables the beep sound played when Anti TCC detects illegal files, settings or activities on a client.
bBroadcastClientScreenMessages Enables or disables Anti TCC's a red warning message in the center of all clients screens when a client is kicked by Anti TCC.
bDisplayProgressMessages
bDisplayProgressScreenMessages
bDisplayProgressMessages enables or disables Anti TCC's progress messages in the center of the screens during initial checks.
bDisplayProgressScreenMessages specifies whether the progress messages should be displayed in the center of the screen or in the chat area.
bClientsMayGetIDs
bShowOnlyFirstPartOfID
bShowOnlyLastPartOfID
bClientsMayGetIDs determines, whether clients may see other players' CD key hashes. Setting this to false will disable the ShowIDsand Whowascommands and disable the ID display in Whois .
bShowOnlyFirstPartOfID will hide everything except the first eight digits of the player ID, bShowOnlyLastPartOfID will hide everything except the last eight digits. If both are False the whole ID is displayed, if both are True the middle part of the ID is replaced with astrerisks.
Usually half of the player ID should be enough identify a player. Showing only parts of the ID prevents malicious users to abuse the keys, but still allows propery identification.
bClientsMayGetNames Determines, whether clients are allowed to view other players' alias names. Setting this to false will disable the Whowascommand and disable the alias name display of the Whoiscommand.
bShowInServerDetails
bServerOSInServerDetails
bShowInServerDetails tells Anti TCC whether it should show up in the server details.
bServerOSInServerDetails determines whether Anti TCC should add the server's operating system to the server details like it's done in some other games.
bCheckSkins If set to True, Anti TCC will perform checks to ensure neither the player skins listed in XPlayersL1.upl and XPlayersL2.upl nor the default skin packages are modified.
bCheckMapMD5 If set to True, Anti TCC will automatically do a Quick MD5 check of the map played before performing other file checks.
Important:This will make it impossible to allow unpatched Mac UT2004 clients to play on your server!
bCheckFullMD5 If set to True, Anti TCC will automatically check all default .U files' FullMD5s. Please note that this check only supports client versions 3186 (unpatched), 3204, 3236, 3270 and 3323.
Other client versions (i.e. betas and newer patches) will be forced to spectate or disconnect when this option is enabled.
bSingleMD5Mode This setting was added by request from ClanBase so serveradmins can proof they don't exploit the option to specify multiple MD5s. When enabled, it forces Anti TCC to ignore all but the first MD5 value specified for each custom file check.
Setting this to True or not having multiple MD5 reference values for any filr check will make Anti TCC display "Anti TCC is running in single MD5 mode" to clients connecting to your server.
Important:You will no longer be able to have more than one MD5 value per file check if you set this to true. (This does not affect the built-in skin and FullMD5 checks.) This will make it impossible to allow unpatched Mac UT2004 clients to play on your server if you told Anti TCC to perform any custom QuickMD5 checks!
You should probably use Anti TCC's config profiles feature (see Using Configuration Profiles below) if you need to use this option.
bLogClientPackages Determines, whether a list of all packages loaded on the client should be logged in the server's log file.
This option probably is more useful in league matches than on public servers. Also note, that this only logs the packages initially loaded. Packages loaded during the match will not be listed here.
bLogClientClasses Determines, whether a list of all classes of clientside objects should be logged in the server's log file.
This option probably is not that useful other than for troubleshooting. Also note, that this only logs the classes of objects initially loaded. Objects created during the match will not be listed here.
bCheckClientClasses
bTryToDisableHacks
bCheckClientClasses makes sure certain classes used by the client are actually known on the server. This check will be repeated during the match to ensure newly loaded classes are known as well.
bTryToDisableHacks tries to disable detected hack classes and also periodically tries to unload hacks based on the HelioS security hack when the player dies. This causes a really short client-side freeze when the player dies at least 2 minutes after the last attempt to unload these types of hacks, regardless whether there are actually any hacks loaded or not.
bDelayMatchStart Delays the start of a match until all players have been validated.
It's probably not too wise to enable this on public servers because every time a new player joins the match start is delayed further.
Note:The match will always start only after at least one client is done with the clientside initialization of Anti TCC.
bDelayLateJoin Prevents players from spawning until they have been secured. The difference to bDelayMatchStart is, that the actual match start isn't delayed, but modified clients still can't affect gameplay.
It might be a good idea to disable this option in clan matches so the game can quickly continue after a player dropped and reconnected.
Note:Clients will only be able to respawn if they are done with the clientside initialization of Anti TCC.
bPreventFlyingLeviathan Prevents the 'Flying Leviathan' bug exploit in UT2004 v3186, where a Leviathan can be attached to any other vehicle to fly or drag it around.
bCheckRenderSettings If set to True, Anti TCC will make sure clients don't use a DefaultTexMipBias > 0.5 or DrawDistanceLOD > 1.0.
Use WhatToDoRender to specify how these clients should be handled.
bCheckForTCCs If set to True, Anti TCC will look for clients who used SET command hacks (Temporary Console Commands).
Use WhatToDoTCC to specify how these clients should be handled.
bRotationLock When Anti TCC secures the PlayerController it also makes the view rotation invalid for anything that tries to draw something after the HUD. Use this INI-only option to disable that feature.
TimeoutSeconds
bKickOnTimeout
TimeoutSeconds determins how long the mutator will wait before it considers the whole system to have timed out, i.e. not functioning properly.
Values lower than 10 seconds are not allowed. The recommended minimum value is 20 seconds for TimeoutSeconds and 60 for InitialTimeoutSeconds.
If bKickOnTimeout is true, when a player times out, he or she will be kicked from the server.
Important:A timeout doesn't imply cheating. It is usually caused by connection problems or client crashes or the client simply needs too much time for precaching game content.
bSelfIntegrityChecks If set to True, Anti TCC will check itself and other classes on initialization for modifications.
WhatToDo
WhatToDoBlacklisted
WhatToDoSkins
WhatToDoRender
WhatToDoTCC
The WhatToDo options determine what your server will do if it detects an insecurity.
The available options are:
LogOnly
Nothing, just log the transgression
Message
Log the transgression and display a message (if allowed)
Kick
Log the transgression and kick the user
TempBan
Log and kick ban the user for ten minutes or until the next map change (whichever happens first)
SessionBan
Log and kick ban the user until the next map change
PermanentBan
Log and kick ban the user for good.
WhatToDoBlacklisted applies to insecurities due to disallowed files or illegal classes, WhatToDoSkins applies to modified UPL files, WhatToDoRender is used for illegal render settings (i.e. DefaultTexMipBias > 0.5 or DrawDistanceLOD > 1.0) and WhatToDoTCC applies to detected SET command hacks; WhatToDo is used in all other cases.
Banning options are not available for WhatToDoRender.
bEnableAdminFaker This might fool aimbots into thinking an admin logged in. Some aimbots have an admin login detection, which may get triggered and automatically disconnects the cheater.
To find out the player ID of a suspicious player you can use the Whowascommand if player ID logging is enabled. (See SavePlayerIDsTooption below.)
bAllowSilentAdminLogin When enabling this option, admins will be able to log in without appearing as administrators using the SilentAdminLogin command. This only works with advanced admin enabled, i.e. in [Engine.GameInfo] you have to set AccessControlClass=xAdmin.AccessControlIni.
Note:Some admin commands might not work correctly when using silent admin login.
bNoTossWeaponSwitch Prevent faster weapon switching by throwing the weapon and picking it up immediately while running forwards.
bNoSpamCheck Disables Anti TCC's chat spam filter.
Note: The spam filter will not work with mods that replace the PlayerController.
bPreventMassSuicide Prevents suiciding in quick succession.
Note: This will not work with mods that replace the PlayerController.
bFilterPlayerNames Removes color codes from player names. Regardless of this setting, Anti TCC will always strip color codes for its output.
Note: This may not work correctly with mods that replace the PlayerController.
bStripMessageColors Removes color codes from Say and TeamSay messages.
Note: This will not work with mods that replace the PlayerController.
SavePlayerIDsTo
KeepPlayerIDsDays
Set SavePlayerIDsTo to PlayerIDsINIor PlayerIDsxINI (where xis any number between including 1 and 9) to log all players' IDs to PlayerIDsx .ini. All other values will disable player ID logging and also Anti TCC's Whowas command, which requires this feature.
KeepPlayerIDsDays tells Anti TCC after how many days an ID should be removed from the database. You should try to find a good value here, because if there are too many IDs in the database players on the server might experience lag when a new player joins. (This value is not affected by configuration profiles.)
AllowedConsoleClass
AllowedGUIControllerClass
The AllowedConsoleClass specifies the console class clients are allowed to use and the AllowedGUIControllerClass does the same for the client's GUIController class.
bUseCustomLog When set to true, Anti TCC will send most of it's log output to the log file specified in the next variable.
bSimpleLogMode
bSingleLineLogs
In Simple Log Mode, Anti TCC will only create the custom log file when an insecurity or important other problem is detected. The time placeholders of the log file name will use the map startup time, but the first logged line will show the time when the log file was actually opened.
NOTE:Enabling this option will turn off the bLogClientPackages option.
Single Line Logs will cause Anti TCC to log only a single line for each insecurity found instead of one line with the player data and one or more lines with the description of the insecurity.
LogFileSaveInterval Values greater than 0 will cause Anti TCC to close and re-open the custom log file once in a while to force all log data to be written to disk.
This option is useful when dealing with server crashes possibly related to cheats and other exploits because without it the custom log would only be saved when switching maps.
LogFileTimestampFormat The timestamp format to be used in the custom log file. This option has no effect when the custom log file is disabled. You can use the following placeholders in the timestamp:
yyyy
Year (four digits)
yy
Year (two digits)
mm
Month (two digits)
dd
Day (two digits)
hh
Hour (24 hours format, two digits)
nn
Minute (two digits)
ss
Second (two digits)
LogFileName Holds the name of the log file to output to. This file gets stored in the \UserLogs directory and the file extension ".log" is automatically appended.
You can use one or more of the following placeholders in the filename:
%y
Year (four digits)
%m
Month (two digits)
%d
Day (two digits)
%h
Hour (two digits)
%n
Minute (two digits)
%s
Second (two digits)
%i
Server IP
%p
Server port
%l
Map name (Level)
%g
Game type
CurrentProfile Holds the name of the configuration profil currently in use. (see below) For obvious reasons this setting is only available in [AntiTCC118c.MutAntiTCCFinal], but not in configuration profile INI sections.

Using Configuration Profiles

Anti TCC allows you to store more than one configuration in your server's INI file. These configuration profiles contain the same options as the [AntiTCC118c.MutAntiTCCFinal] section of you INI file, but start with [profilename AntiTCCSettings]. To load a profile you have to add the parameter ?AntiTCCSettings=profilename to the map URL when switching maps with the ServerTravelcommand or on the server startup commandline, e.g.:

ucc server DM-Rankin?mutator=AntiTCC118c.MutAntiTCCFinal?AntiTCCSettings=1on1DM

(Of course, the "?mutator=AntiTCC118c.MutAntiTCCFinal" part isn't neccessary if you run Anti TCC as a server actor.)
You can also use the webadmin interface to specify a profile name in the Current Profiletextbox.
You don't have to edit the server's INI file to create profiles. Just use the ?AntiTCCSettings parameter as described above with an unused profile name and the new profile will be created. You can then change the Anti TCC settings as usual in the webadmin interface. The changes will be saved to the specified Anti TCC profile once you restart or change the map.
When you return to a "profile-less" configuration, the last profile used will stay active, but changes aren't saved to that profile anymore. To disable profiles simply restart the map with the ?AntiTCCSettings parameter and leave the profile name empty or completely leave out the ?AntiTCCSettings parameter if there are other URL parameters like ?gameor ?mutator. You can also change the Current Profile setting in the webadmin interface to "-" and restart the map.


Potentially Asked Questions

Do I still need to install UTSecure?
No. Anti TCC completely replaces UTSecure.
When you try to run both mutators Anti TCC will disable itself or UTSecure.
Will Anti TCC prevent my server from being listed as a standard server?
No. The master server properly recognizes Anti TCC as part of a standard server's configuration.
I installed Anti TCC but it doesn't seem to start. What's wrong?
Anti TCC will only run correctly on dedicated servers. Many of its features are disabled in Instant Action or on a listen server. Check the server's main log file (usually UCC.log or server.log in the server's System directory) to see what went wrong.
There are many players with the same ID, is that a bug?
UT2004 assigns a special player ID to players who used a SET command to change certain things. This ID can indicate the use so-called TCCs (temporary console commands) and can blocked with the bCheckForTCCs configuration option.
How do I find out the MD5 value(s) for the Checks=... list?
There are two different types of MD5's that can be generated. QuickMD5 rely on the fact that the package is already loaded. This is a very fast MD5 that's great for large files (like PlayerSkins.utx). The downside is it's only available for actual UT2004 packages. Full MD5s generate a full fledge MD5 hash of any file.
You can obtain a Full MD5 of any file by using the following UCC commandlet:
UCC MasterMD5 -f <filename>
This will give you the 32 digit MD5 you need for the MD5 field above. Please keep in mind that only files that will not change can be checked using Anti TCC. Do not attempt to check core .U files (they are already protected and have a different MD5 in every version).
You can obtain a quick MD5 of any package by using the UCC commandlet:
UCC MasterMD5 -q <packagename>
Rember that you do not need to include the path or file extension for quick MD5's as UT2004 will use its internal package loading code to open it.
MasterMD5 will always only give you the MD5 of one version of a file. Keep in mind that because of patches or different releases there might be more than one version of a file you wish to check.
Why is there an empty [AntiTCC118c.AntiTCCSecurity] section in my INI file?
The default MD5 checks are hard-coded now. This has the advantage for clients, that they can be sure server admins don't exploit Anti TCC's feature to allow multiple MD5s for a given file check.
What does the "Security ID" in the log file mean?
The Security ID is a unique number associated with the Anti TCC security actors. This number is increased by one every time an AntiTCCSecurity actor is spawned and will be reset when the map changes.
A player keeps the same Security ID until he or she disconnects. When the player reconnects a new security actor is spawned and a new Security ID is assigned.

Anti TCC Commandlets

Anti TCC comes with a commandlet for working with the player ID logs. I suggest installing Anti TCC on your client and copying your server's PlayerIDs.ini to your own UT2004\System directory to make things easier.
To run one of Anti TCC's commandlets, just type the corresponding command at the commandline, in a DOS box, in Windows' Run dislog box, etc.

Log File Basics

Anti TCC's player ID log files are simple ini files with a list of IDs and the names used by them. Multiple versions of Anti TCC can store IDs in the same ini file, but they will only be able to read their own logs from them unless you merge logs.

Generally an Anti TCC player ID log looks like this:

[AntiTCC118c.PlayerIDsINI]
Player=(Id="0123456789abcdef0123456789abcdef",Names=("foo","bar"),LastSeen="disconnecting at 2004-02-01 13:37")
Player=(Id="abcdef0123456789abcdef0123456789",Names=("Player","The_Real_Llama"),LastSeen="getting kicked at 2004-01-23 08:15)

The PlayerIDsINI part in [AntiTCC118c.PlayerIDsINI] corresponds to the file name, in this case PlayerIDs.ini. IDs logged in e.g. PlayerIDs3.ini would start with [AntiTCC118c.PlayerIDs3INI].
To convert an older version's ID logs, simply change the AntiTCC*. part to AntiTCC118c and run the CleanUp command described further down. If you want to combine multiple logs you don't need to clean them up before merging them.
Please note that UT2003 player IDs are useless in UT2004 and vice versa.

MergeLogs Command

The Anti TCC MergeLogs command combines all player ID logs (i.e. PlayerIDs.ini, PlayerIDs1.ini, PlayerIDs2.ini, etc.) into a single log file.

Syntax
UCC AntiTCC MergeLogs[LogName=logfile]
Parameters
LogName=logfile
Specifies the file the merged log should be saved to.
You can specify a number between 0 and 9 which corresponds to the files PlayerIDs.ini, PlayerIDs1.ini, etc.
If left out, Anti TCC's SavePlayerIDsTo setting is used.

CleanUp Command

The Anti TCC CleanUp command merges duplicate IDs and removes empty or duplicate names from log files. This commandlet is mainly intended for log files that have been merged manually instead of with the MergeLogs command.

Syntax
UCC AntiTCC CleanUp[LogName=logfile]
Parameters
LogName=logfile
Specifies the log file to be cleaned up.
You can specify a number between 0 and 9 which corresponds to the files PlayerIDs.ini, PlayerIDs1.ini, etc.
If left out, Anti TCC's default player IDs log file is cleaned up.

DuplicateLog Command

The Anti TCC DuplicateLog command copies a set of logged player IDs into one or more other log files.
Important:The previous content of the log files specified will be lost!

Syntax
UCC AntiTCC DuplicateLog[All|number number...] [LogName=logfile]
Parameters
All
Use the Allparameter to copy the specified log to all other log files.
number
The numberparameters can be used to copy the specified log to only to the log files specified.
You can specify a number between 0 and 9 which corresponds to the files PlayerIDs.ini, PlayerIDs1.ini, etc.
LogName=logfile
Specifies the log file to duplicate.
You can specify a number between 0 and 9 which corresponds to the files PlayerIDs.ini, PlayerIDs1.ini, etc.
If left out, Anti TCC's default player IDs log file is used.

FindPlayer Command

The Anti TCC FindPlayer command lets you search for IDs and nicks in a player ID log.

Syntax
UCC AntiTCC FindPlayerID|name[LogName=logfile]
Parameters
ID
A player ID written as 32-digit hexadecimal number. The commandlet will display all alias names for this ID.
name
A player name. The commandlet will list all IDs with the alias names used by them.
You can use the wildcards * (matches any number of characters) and ? (matches exactly one character) anywhere in the player name. The string "d*hunter" would match the nicks D-Hunter, duck_hunter and dOgHuNtEr, but not ID_hunter or deadhunt.
LogName=logfile
Specifies the log file you want to search in.
You can specify a number between 0 and 9 which corresponds to the files PlayerIDs.ini, PlayerIDs1.ini, etc.
If left out, Anti TCC's SavePlayerIDsTo setting is used.
Valid XHTML 1.0! Site design by Wormbo © 2002-2007 Valid CSS!