Contents

[top]

Introduction

Anti TCC is a mutator designed to prevent cheating in Unreal Tournament 2004 online matches.
Its goal is to prevent cheats (such as aimbots, triggerbots, radars, skin hacks, wallhacks, etc.) from being loaded or used. Even if Anti TCC can't detect certain cheats directly, it still does its best to make them unusable. It also prevents some exploits that can crash an unpatched server or remove a CTF flag from the map.

[top]

Installation (Server)

To install Anti TCC on your server, simply extract the content of the ZIP archive to your server's System directory.
See the Configuration section for more details about configuring Anti TCC on your server.

The ZIP file contains the following files:

AntiTCC2009r6.u
The main package file containing the Anti TCC code.
AntiTCC2009r6.ucl
A cache library file that adds Anti TCC to the mutators list.
AntiTCC2009r6.u.uz2
A compressed version of AntiTCC2009r6.u, which should be uploaded to your redirected download server, if you use one. (Not required on the game server.)
AntiTCC2009.html
This help file. (Not required on the game server.)

To make sure Anti TCC is loaded all the time, add the following line to the [Engine.GameEngine] section of your server's main INI file (usually UT2004.ini):

ServerActors=AntiTCC2009r6.MutAntiTCCFinal

The ServerActors line already ensures Anti TCC is loaded all the time, so you do not need to add it to other mutator loaders, such as UT2Vote's ServerMuts list. If you only want to load Anti TCC in certain configurations, e.g. via map voting, add it in the "?mutator=" the URL parameter instead.

If you want to record demos on the server or the clients, you should also add the following line in the [Engine.GameEngine] section:

ServerPackages=AntiTCC2009r6

BTW: You don't need to worry about whitelisting, Anti TCC "inherits" its whitelist status from earlier versions as the mutator name has not changed.

[top]

Installation (Client)

As a client you should not install Anti TCC. When connecting to a server running Anti TCC, the package will be downloaded into your UT2004 Cache directory. The download is small and fast, and you will always have the correct version required by the server.

Unless the server admin has disabled all client messages, you can find out wich version of Anti TCC is running on the server by typing Ver at the console. See Client Features for other features of Anti TCC you can use as a client.

[top]

Configuration

Many of Anti TCC's settings can be modified at runtime through the webadmin interface and only require a map restart to take effect. Some features, such as MD5 checks and blacklists, must be configured manually by editing the server's INI file by hand. By default this INI file is called UT2004.ini, but depending on your game server setup, a different file name may be used. Contact your game server provider if you need information about the file name or on how to edit the configuration file.

Anti TCC default configuration

[AntiTCC2009r6.AntiTCCSecurity]
DisallowedFile=
DisallowedFile=
DisallowedPrefetchFile=
DisallowedPrefetchFile=
MD5Check=(FName="UTCompv15",MD5=("9c73b7c9118f419cf17ab9fe76def7b8"),MD5Type=0,Optional=True)
MD5Check=(FName="UTCompv15a",MD5=("251f81b91f2b3dab59cc62b8bad18ba0"),MD5Type=0,Optional=True)
MD5Check=(FName="UTCompv16",MD5=("f30932a51e681f15aaba55224d28f597"),MD5Type=0,Optional=True)
MD5Check=(FName="UTCompv16a",MD5=("e29c11765ed64dc074e586439a181815"),MD5Type=0,Optional=True)
MD5Check=(FName="UTCompv17a",MD5=("5873f0aa58df1ced319593360e49b68f"),MD5Type=0,Optional=True)
MD5Check=(FName="FarnsworthCore",MD5=("7c781e5d4d086b7695200e70d62449c7"),MD5Type=0,Optional=True)

[AntiTCC2009r6.MutAntiTCCFinal]
bAllowClientConsoleMessages=True
bBroadcastConsoleErrorMessages=True
bMessageBeep=True
bBroadcastClientScreenMessages=True
bDisplayProgressMessages=True
bDisplayProgressScreenMessages=True
bClientsMayGetIDs=True
bShowOnlyFirstPartOfID=True
bShowOnlyLastPartOfID=True
bClientsMayGetNames=True
bServerOSInServerDetails=True
bAntiTCCVersionInServerDetails=True
bCheckSkins=True
bSingleMD5Mode=False
bCheckForTCCs=True
bLogClientPackages=False
bLogClientClasses=False
bCheckClientClasses=True
bDelayMatchStart=False
bDelayLateJoin=False
bCheckRenderSettings=True
TimeoutSeconds=60
bKickOnTimeout=True
bSelfIntegrityChecks=True
WhatToDo=Kick
WhatToDoAnnoyance=TempBan
WhatToDoBlacklisted=SessionBan
WhatToDoSkins=Kick
WhatToDoRender=Message
WhatToDoTCC=Kick
WhatToDoLoginFailed=SessionBan
bPauseGameDuringChecks=False
bEnableAdminFaker=True
bAllowSilentAdminLogin=True
bReportAdminLogins=True
MaxFailedLoginAttempts=2
bNoSpamCheck=False
bPreventMassSuicide=True
bFilterPlayerNames=True
bStripMessageColors=True
PlayerIDLogName=AntiTCCPlayerIDs
KeepPlayerIDsDays=30
AllowedConsoleClass=xInterface.ExtendedConsole
AllowedGUIControllerClass=GUI2K4.UT2K4GUIController
bTryToDisableHacks=False
bMidGameCheck=True
bMultipleMidGameChecks=True
bEndGameCheck=True
bRotationLock=True
bLockRolloff=True
bLockFOV=False
bSpawnFakePlayers=True
bUseCustomLog=True
bSimpleLogMode=True
bAlwaysProduceCompleteLogs=True
LogFileSaveInterval=30
LogFileTimestampFormat=[yyyy-mm-dd hh:nn:ss] -
LogFileName=AntiTCC_%y-%m-%d_%h-%n_%g_%l
bSingleLineLogs=False
CurrentProfile=
WaitingGameClass=
AgreeEnableDelay=5
AgreementTimeoutDelay=60
AgreementText=
bAlwaysShowAgreement=False

Section [AntiTCC2009r6.AntiTCCSecurity]

Due to technical restrictions these properties are not available from the webadmin interface and must be configured by directly editing the main configuration file of the server. (usually UT2004.ini or server.ini)
DisallowedFile
Specifies files or packages the client should not have. This setting works similarly to the ServerPackages list, i.e. you can use it multiple times to specify more than one blacklisted file or package.
If you want to take advantage of the client's package path settings for finding package files, make sure you don't use '.' or (back)slashes. If you do, the path will be relative to the client's System directory. For greater flexibility you can use the wildcard characters '?' and '*' which stand for a single and multiple characters respectively. For example, DisallowedFile=foo.* will blacklist any files with the name "foo" and any file extension in the UT2004\System directory of the client. DisallowedFile=foo will blacklist any package file with the name "foo", for example "System\foo.u", "Textures\foo.utx" or "Maps\foo.ut2".
Careful with disallowing "*helios*" here, there's some legit content using this name!
DisallowedPrefetchFile
Since the executables of native cheats often aren't located in the UT2004 directory, checking the prefetch directory at least provides a small chance for success. Yes, cheaters could disable prefetching, but there are enough of them who don't bother reading the manual and get caught anyway.
The same wildcards as with DisallowedFile can be used here. Just specify the names of the .exe files whose prefetch entry you want to detect. For example "foo*.exe" will detect all prefetch entries of executable files whose name starts with "foo".
MD5Check
While the previous two settings only blacklisted files, this one can actually check the integrity of files. The value for each MD5Check entry consists of the following values:
FName
The name of the object to check. The correct format here depends on the type of check.
MD5
The recognized MD5 hash(es) of the object.
MD5Type
The type of check to perform. Valid values are 0 and 2, but in certain cases you might want to use type 1 as well.
Optional
Whether the object is optional. Optional checks don't fail if the object to check is missing on the client. Valid values are True and False.
The MD5Type 0 is known as "Quick MD5" and can only be used for Unreal packages. It is useful for large data packages because it can be performed very quickly regardless of package size. Of course this comes with the price of reduced efficiency. The FName for a Quick MD5 check is just the package name. Anti TCC comes with built-in quick MD5 checks for itself and the default player skin and model packages.
To perform a full MD5 check of the entire file content, use MD5Type 2. By default Anti TCC only performs a full MD5 check for itself. Like for the DisallowedFile checks you can let Anti TCC search for an Unreal package by only specifying its name without directory or extension. Note that wildcards are not allowed here. Full MD5 checks can also be used as an alternative way to blacklist certain files entirely by using the value "not allowed" instead of a reference MD5 hash.
The MD5 part expects a list of comma-separated values with each value enclosed in double quotes and the entire list enclosed in round parentheses. And entire MD5Check value might look like the following example:
MD5Check=(FName="Engine",MD5=("1972d14c57d05ffdc82c51be76c13d29","71f1bebad09f22f22d49d74c172ec561"),MD5Type=2,Optional=False)
These are the (full) MD5 hashes for the Engine.u package of UT2004 v3369 (latest official patch) and v3372 (inofficial Logitech G15 patch).
MD5 checks for Unreal packages (no file extension or path specified) also serve as a "whitelist" for unknown classes, but only for packages that don't exist on the server.

Section [AntiTCC2009r6.MutAntiTCCFinal]

These properties are also available in the webadmin interface. Their display name there is similar to the INI setting names listed here.

bAllowClientConsoleMessages
Whether Anti TCC should display messages in the client's console at all. Turning this off will also disable the client console commands for non-admin players.
bBroadcastConsoleErrorMessages
Whether Anti TCC should broadcast its insecurity messages to all clients. The message will be displayed in the client's console.
bMessageBeep
Whether Anti TCC should play a beep sound when it broadcasts an insecurity message.
bBroadcastClientScreenMessages
Whether Anti TCC should display a big red message in the middle of all clients' screens when an insecurity was found.
bDisplayProgressMessages
Whether Anti TCC should display its check progress on the client.
bDisplayProgressScreenMessages
Whether the progress messages should be displayed in the middle of the screen. Disabling this without disabling progress messages altogether will display them in the chat area.
bClientsMayGetIDs
Whether clients may use the commands "ShowIDs", "Whois" and "Whowas" to find out other players' IDs. If this is disabled, only "Whois" can be used and it will only display other names that player has used.
bShowOnlyFirstPartOfID
bShowOnlyLastPartOfID
These two settings control, which part of a player ID is visible to non-admin clients. If either of them is enabled, only the first or last eight digits of the ID are visible. If both are enabled, the first and last eight digits are visible. If both are disabled, the entire ID is visible.
bClientsMayGetNames
Whether clients are allowed to use the "Whois" and "Whowas" commands to find out other names a player has used. If this is disabled, only "Whois" can be used, and only for displaying the ID of the player, unless bClientsMayGetIDs is disabled as well.
bServerOSInServerDetails
Adds the server type (Windows/*nix/Mac, 32/64bit) to the server details.
bAntiTCCVersionInServerDetails
Adds the Anti TCC version to the server details.
bCheckSkins
Whether Anti TCC should check the default skins for modifications. This includes the default skin definitions in UPL files and the default model and texture packages. This setting is recommended over MD5-checking UPL files directly as those files contain harmless settings that are completely safe to modify.
bSingleMD5Mode
Only accepts the first MD5 value specified in each MD5Check entry.
bCheckForTCCs
Whether Anti TCC should pay special attention to the "set command ID" a player will receive when using certain commands before entering the server. Note that this ID is also globally banned by the Epic Games master server and in UTAN.
bAllowOldClients
Whether Anti TCC should allow clients whose UT2004 version is older than v3369. Clients attempting to connect with an older version will receive a message prompting them to update. The message will contain a button that leads them directly to the BeyondUnreal Essential UT2004 Files page.
This option has been removed in Anti TCC 2009 R6. Client versions other than 3369 and 3372 (the Logitech G15 patch) are no longer supported.
bLogClientPackages
Whether Anti TCC should list all packages loaded on clients in the Anti TCC log file.
bLogClientClasses
Whether Anti TCC should list all classes loaded on clients in the Anti TCC log file.
bCheckClientClasses
Whether Anti TCC should check the classes loaded on clients for blacklist entries.
bDelayMatchStart
Whether Anti TCC should delay the start of the match until all players have been validated. Note that the match start is delayed anyway until critical (lagging) checks have passed.
bDelayLateJoin
Whether a client player is forced to spectate until validated.
bCheckRenderSettings
Whether render settings should be checked. This includes settings that make the textures extremely blurry or even single-colored. It also includes certain commands that must be entered before joining the server to improve player visibility, especially a long range and when using the Invisibility combo.
TimeoutSeconds
If Anti TCC doesn't get a reply to a check request within this duration, the corresponding client is kicked for security reasons. Just to make this clear: Timeout kicks do not imply cheating!
bKickOnTimeout
Whether clients should be kicked if any check times out. Really recommended!
bSelfIntegrityChecks
Some checks are too expensive to perform them under server control. This setting determines whether Anti TCC should perform self-integrity checks to ensure the reference values of those checks are valid. Really recommended!
WhatToDo
What Anti TCC is supposed to do when a standard insecurity was found.
WhatToDoAnnoyance
What Anti TCC is supposed to do if a player repeatedly triggers message-only insecurities, especially for render settings, mass suicide, mass name change or text flood.
WhatToDoBlacklisted
What Anti TCC is supposed to do when it finds black-listed objects on the client. (This does not include regular MD5Checks with a reference MD5 value.)
WhatToDoSkins
What Anti TCC is supposed to do when a client has modified character entries, i.e. non-standard skin or model for a standard character.
WhatToDoRender
What Anti TCC is supposed to do when it finds that the client has invalid render settings.
WhatToDoTCC
What Anti TCC is supposed to do if a client used certain console commands before entering the server.
WhatToDoLoginFailed
What Anti TCC is supposed to do if a when a client repeatedly attempts to log in as admin with incorrect credentials.
bPauseGameDuringChecks
Whether the game should be paused for the dureation of the checks if a new player joins and needs to be validated. This is mainly meant for tournament and league matches where it would be unfair to continue after a player dropped.
bEnableAdminFaker
Many aimbots have an "admin protection" feature that automatically disconnects the cheater when an admin arrives. This setting fakes the presence of a player who is logged in as admin. Cheaters will have to turn off their admin detection if they want to play on the server.
bAllowSilentAdminLogin
Whether admins are allowed to log in without other players noticing. Again, this is mainly targeted at aimbots with an "admin protection" feature. Admins can use this feature to silently log in and e.g. record a server demo of the cheater or get the cheater's complete ID with the "ShowIDs" command.
bReportAdminLogins
Whether successful admin logins should be reported in the Anti TCC log file. This also happens in simple log mode,
MaxFailedLoginAttempts
The maximum number of admin logins a client is allowed to fail before Anti TCC blocks the client's GUID for the remainder of the session and potentially kicks or bans the client.
bNoSpamCheck
Disables Anti TCC's text flood check.
bPreventMassSuicide
Enables Anti TCC's mass suicide check.
bFilterPlayerNames
Whether Anti TCC should filter invalid/invisible characters from player names.
bStripMessageColors
Whether Anti TCC should strip color codes from chat messages.
PlayerIDLogName
The name of the INI file anti TCC will use to keep track of ID and names for the "Whois" and "Whowas" commands. Those commands will not be available if player ID logging is disabled due to an empty PlayerIDLogName.
KeepPlayerIDsDays
How long old player IDs and names should be kept in the database. By default players who haven't visited the server in the last 30 days are removed.
AllowedConsoleClass
The console class clients are expected to use. This setting should only be adjusted for total conversion servers as it will prevent Anti TCC from securing the console.
AllowedGUIControllerClass
The GUIController class clients are expected to use. Again, this setting should only be adjusted for total conversion servers.
bTryToDisableHacks
Whether Anti TCC should attempt to disable any potential hacks it finds. If enabled, Anti TCC will try to close and remove unknown menus, interactions and other objects safely. This is not guaranteed to work, so kicking the suspicious player usually is the better choice.
bMidGameCheck
Whether Anti TCC should repeat some of its more expensive checks in the middle of the match. These checks will only occur when the player dies and at least five minutes after the player was verified. During a mid-game check, the player will not automatically respawn, even if force-respawn is enabled on the server.
bMultipleMidGameChecks
Since a cheater could just wait for the mid-game check to occur before loading his cheats, Anti TCC offers the option to repeat the checks every five minutes.
bEndGameCheck
Like the mig-game check, but performed at the end of the match.
bRotationLock
Whether Anti TCC should attempt to lock the view rotation so it can't be affected by aimbots.
bLockRolloff
Whether Anti TCC should lock the audio roll-off value (i.e. how quickly a sound's volume decreases with its distance to the listener) to its on-connect value, but at least to 0.4. Very low values could be used to hear the footsteps of other players even if they are very far away.
bLockFOV
Whether Anti TCC should lock the default FOV to its on-connect value. Some players implement a "mini zoom" by playing on a higher FOV by default, but reduce the FOV to the lowest allowed value (80) when they need it.
bSpawnFakePlayers
Whether Anti TCC should spawn invisible fake players clientsidely to confuse aimbots and mess up radar cheats. These are far more efficient than the old fake players back in version 1.19 and should barely affect performance at all.
bUseCustomLog
Whether Anti TCC should serversidely log to a dedicated log file in the UserLogs directory.
bSimpleLogMode
Whether Anti TCC should keep the log file simpler. In simple log mode, Anti TCC will not produce any log file at all if it doesn't detect any insecurities.
bAlwaysProduceCompleteLogs
In simple log mode, the log file is only opened after an insecurity is found. This setting controls whether Anti TCC should still keep track of any earlier log entries and write them to the opened log file when the first insecurity is detected.
LogFileSaveInterval
In order to access a log file while the server is running, it must be closed. A closed log file also has the advantage that it will be complete even if the server happens to crash for whatever reasons. This setting specifies how long Anti TCC will after writing to the custom log file before closing it.
LogFileTimestampFormat
The format of the timestamp to prepend each log line with. Valid placeholders are "yyyy" and "yy" for the year, "mm" for the month, "dd" for the day of the month, "hh" for the hour, "nn" for the minutes, "ss" for the seconds, "f", "ff" and "fff" for fractions of the second (one, two and three digits after the decimal point, respectively), "w", "ww" and "www" for the day of the week (full name and first two/three chars, respectively) and "g" or "gggg" (right-aligned last 4 digits) for the game time in seconds as seen in stats log files.
LogFileName
The name of the custom log file. Invalid characters are replaced with underscores. Possible placeholders are "%y" for the year, "%m" for the month, "%d" for the day of the month, "%h" for the hour, "%n" for the minutes, "%s" for the seconds, "%i" for the server's IP address, "%p" for it's port, "%g" for the current gametype and "%l" for the current level. The special placeholder "%a" can be used to switch from the default 24-hour format to a 12-hour format. It also inserts "am" or "pm".
bSingleLineLogs
Usually insecurity logs are spread over up to four lines to make them easier to read. This setting will keep them on a single line to make them easier to process with a script.
CurrentProfile
The current configuration profile. See Using Configuration Profiles for details.
WaitingGameClass
As you may or may not know, Anti TCC blocked the "PlayWaitingGame" console command because it was used to load cheats. Starting with release 6, Anti TCC instead remaps the command to "Mutate PlayWaitingGame", which can be used by spectators to play some kind of mini game configured here.
(Anti TCC does not come with any mini games. It will, however, make sure the package of the class entered here is added to the ServerPackages list. See Mini games interface if you are interested in creating a mini game that can be loaded via this feature.)
AgreeEnableDelay
The minimum delay before a player is allowed to agree to a custom agreement text.
AgreementTimeoutDelay
The maximum time a player is allowed to leave the custom agreement dialog open before he is kicked from the server to free up the player slot.
AgreementText
A custom agreement text to display to the player before he can enter the server. This can be used to display server rules and give players a chance to back out if they don't agree.
bAlwaysShowAgreement
Usually a player only needs to read and agree to the server rules if he sees them for the first time. With this setting enabled, the player sees them every time. AgreeEnableDelay will have no effect if this setting is enabled.

Using Configuration Profiles

Anti TCC allows you to store more than one configuration in your server's INI file. These configuration profiles contain the same options as the [AntiTCC2009r6.MutAntiTCCFinal] section of you INI file, but start with [profilename AntiTCCSettings]. To load a profile you have to add the parameter ?AntiTCCSettings=profilename to the map URL when switching maps with the ServerTravelcommand or on the server startup commandline, e.g.:

ucc server DM-Rankin?mutator=AntiTCC2009r6.MutAntiTCCFinal?AntiTCCSettings=1on1DM

(Of course, the ?mutator=AntiTCC2009r6.MutAntiTCCFinal part isn't neccessary if you run Anti TCC as a server actor.)
You can also use the webadmin interface to specify a profile name in the Current Profile textbox.
You don't have to edit the server's INI file to create profiles. Just use the ?AntiTCCSettings= parameter as described above with an unused profile name and the new profile will be created. You can then change the Anti TCC settings as usual in the webadmin interface. The changes will be saved to the specified Anti TCC profile once you restart or change the map.
When you return to a "profile-less" configuration, the last profile used will stay active, but changes aren't saved to that profile anymore. To disable profiles simply restart the map with the ?AntiTCCSettings= parameter and leave the profile name empty or completely leave out the ?AntiTCCSettings= parameter if there are other URL parameters like ?game= or ?mutator=. You can also change the Current Profile setting in the webadmin interface to "-" and restart the map.

[top]

Client Features

Apart from the cheat detection on the server, Anti TCC also offers a number of features that can be used by all players. The server admin can choose to disable these by turning off client messages entirely, but on most servers this is not the case.

Client console log
Anti TCC always logs all its console messages clientsidely to a file called AntiTCC_ClientConsoleLog.log in the UT2004\UserLogs directory. The log file is shared among all Anti TCC versions and not reset automatically, so it can become quite large over time.
Silent admin login
Clients are notified on connect whether this feature is enabled on the server. If it is, players and spectators on the server can use the command SilentAdminLogin with their usual login name and password to become an admin. Unlike with the regular AdminLogin command, their admin status will not be visible to any clients. A silently logged-in admin can use most administrative commands, though some might not work correctly or at all.
Player ID listing
Players can use the console command ShowIDs to check the identity of other players on the server, unless the server admin has disabled this feature. The command will send back a list of all players and spectators on the server, including their (potentially masked) IDs and a unique player number for that match. Bots are also listed for reference, but for obvious reasons without a player ID.
Other nicks used by a player
For any human player or spectator on the server, including yourself, you can find out what other nicks were used with the command Whois, followed by the player name. If the name of the player you want to check is too complicated, you can type just a sufficiently unique part of the name or the character '#' followed by the number the ShowIDs command listed for that player.
Admins can disable this command entirely or restrict it to only the name history or the player ID.
Info about players not currently on the server
The third command for information about players is WhoWas, which must be followed either by a full player ID or a full player name. If an ID is specified, the command will list all nicks used by the player with that ID and when the player was last seen on the server. For names, the command first looks up all IDs that used the name and then lists other names also used by those IDs.
Admins can disable this command by restricting clients from seeing ID or names.
Echo command
Since UT2004 doesn't provide any way to display console messages clientsidely via a console command, Anti TCC provides the echo command. This is similar to the echo command available on UTComp servers. To use it, just type Echo, followed by the text you want to display in your chat area. Nobody else will see the text, it never leaves your client.
Admin slap/kill commands
Anti TCC allows admins to slap or kill players via console commands. Available commands are:
  • Slap – Slaps the specified player once for 10 points of damage. Slapping kicks a player out of vehicles and turrets.
  • Kill – Kills the specified player with the "best" method available. Outdoors this is either "toast" or "strike", indoors it's usually "blowup". This command never selects "slapkill".
  • RandomKill – Kills the specified player with a random method as listed below.
  • Toast – The specified player is killed by a laser beam fired from an orbital satellite. This only works after an Ion Painter was used or the map originally contained an Ion Cannon satellite.
  • Strike – The specified player is struck by lightning. This only works outdoors or at least requires considerable room above the player.
  • BlowUp – The specified player explodes spontaneously.
  • SlapKill – The specified player is slapped again and again until he or she dies.
Neither of these methods will damage other players directly. Note that vehicles exploding as a result of a kill might still hurt other players, though.
The player can be specified the same way as in the WhoIs command, but additionally you can also specify bot names if you want to try it out on an otherwise empty server.
[top]

Potentially Asked Questions

How do I find out the MD5 value(s) for the Checks=... list?
There are two different types of MD5's that can be generated. QuickMD5 rely on the fact that the package is already loaded. This is a very fast MD5 that's great for large files (like PlayerSkins.utx). The downside is it's only available for actual UT2004 packages. Full MD5s generate a full fledge MD5 hash of any file.
You can obtain a Full MD5 of any file by using the following UCC commandlet: 
UCC MasterMD5 -f filename
This will give you the 32 digit MD5 you need for the MD5 field above. Careful when checking stock .U files, they might be different in every patch, so you will have to add all MD5s of the different versions of those files.
You can obtain a quick MD5 of any package by using the UCC commandlet: 
UCC MasterMD5 -q packagename
Rember that you do not need to include the path or file extension for quick MD5s as UT2004 will use its internal package loading code to open it.
MasterMD5 will always only give you the MD5 of one version of a file. Keep in mind that because of patches or different releases there might be more than one version of a file you wish to check.
You do not need to add the Anti TCC package or stock skin packages to the MD5 checks, these are checked automatically.
Are there any known bugs in this release?
Unfortunately, yes:
  • The way Anti TCC secures the console breaks admin menu commands of UT2Vote up to version 57 and some other mods. (These mods access the console though InteractionMaster.Console, which conflicts with Anti TCC's secured console feature. This must be fixed in those mods, I can't do anything about it.)
    ProAsm updated all his mods to fix this incompatibility.
What has changed since release 5?
  • Fixed a bug where the in-game chat menu did not update when new chat lines arrived.
  • Fixed mouse sensitivity changes via the settings menu not having any effect while playing on an Anti TCC server.
  • Improved interaction between bMidGameCheck, bMultipleMidGameChecks and bEndGameCheck settings. bMultipleMidGameChecks=False now ensures there is at most a single mid-game check between map changes. End-game checks between Onslaught/Assault rounds no longer count as mid-game check for bMultipleMidGameChecks=False.
  • Improved kick behavior during initial checks. Package, class and skin checks are skipped if a kick-worthy insecurity was detected in an earlier stage.
  • Added mandatory FullMD5 checks for Core, Engine, UnrealGame, XGame and XInterface packages with allowed MD5s being those from UT2004 v3369 and Logitech G15 patch v3372.
  • Older versions than v3369 are no longer supported.
  • Fixed bSpawnFakePlayers=False not working.
  • Added Anti TCC version to server details. (configurable)
  • Added log messages about duplicate prefetch/disallow/MD5 checks.
  • Added admin login monitoring.
  • Added log timestamp placeholders for fractional seconds and game time. (not used by default)
  • Potentially fixed players being invisible during demo playback in some cases.
What has changed since release 4?
  • Fake players are back. They are less resource demanding this time and do a fine job distracting radars and aimbots not falling for Anti TCC's other distraction techniques, such as pretending players are fake.
  • Removed UTAN-related messages. I'll add these back in after UTAN is revived.
  • Reverted to UT2004 ping calculation to comfort whiny players who can't handle the truth.
  • Improved clientside mod support for silent admin login.
  • Excluded vehicles from pawn hiding code. This fixes a bunch of bugs, like turrets looking weird or vehicles briefly vanishing on destruction.
  • Quick MD5 check now ensures the package to check is actually loaded.
  • Improved log output of failed MD5 checks.
  • Fixed another bug in the SET console command for unqualified class names, such as "set input key command".
  • Added some important classes to the integrity checks.
What has changed since release 3?
  • Fixed a rotation lock problem that could affect player rotation on end of AVRiL lock.
  • Fixed a display bug in the WhoWas command.
  • In Assault, the ResetTimeDelay is only extended to at least 15 seconds if the practice round is disabled.
  • Long ambient sounds are only disabled if the client has disabled music.
  • Unknown classes in packages that don't exist on the server will no longer be reported if the package is in the list of MD5 checks. This means you don't need to install voice and announcer packs on your server anymore just to allow them on clients. A QuickMD5 (or FullMD5) entry will be enough to "whitelist" them.
  • Added detection and workaround for player slot exploits.
  • Merged in Custom Punishments code. Admins (including silently logged-in ones) can now slap or kill annoying players.
  • Improved efficiency of blacklisted keybind detection.
  • Added 'Mutate AntiTCC GetServerTickRate' (or 'GetServerTickRate' for short), which will display the server's current tick rate in the console.
What has changed since release 2?
  • Fixed the SET command filter, which incorrectly blocked "set Input [key] [command]".
  • Fixed a default prefetch check entry that could possibly cause false positives.
  • Improved key reset code for Input Inconsistency checks.
  • Addressed some crashes related to replaced shadow projectors (client) and cleanup of player ID log files. (server) Not sure if those are actually fixed now or were just symptoms of other problems.
  • The server's current and maximum tick rate is now displayed in the server details box of the server browser and mid-game menu rules tab.
  • Fixed not being able to look up or down when standing on moving vehicles.
  • Fixed not being able to fire while driving vehicles
  • Sanity check: Prevented running Anti TCC and SafeGame at the same time - they are simply not compatible.
  • Fixed client demo playback view direction.
What has changed since release 1?
  • Fixed zoom of Assault turrets and FOV changes of space fighters.
  • Fixed a few other instances of WhatToDo=LogOnly incorrectly overriding more specific cheat reactions.
  • The console font no longer changes randomly.
  • Fixed random initial rotation when entering Onslaught energy turrets or vehicle passenger seats.
  • End-game checks can now also be performed at the end of non-final rounds in Assault, Onslaught and similarly structured gametypes.
What has changed since Anti TCC v1.19 Beta 26?
Major new features are:
  • Secured console class. This should definitely lock down the console commands most UnrealScript cheats are loaded with.
  • Detecting REND console command abuse. These commands can be used offline and persist into network games. They can be abused to make invisible players much easier to see, even at a distance.
  • The INI file name for player IDs is no longer restricted to predefined values. Also starting with this version, all Anti TCC versions will share the same section in the INI file. IDs from v1.19 and earlier still need to be imported manually. The new shared section name is [AntiTCC PlayerIDs] and the standard INI file is AntiTCCPlayerIDs.ini.
  • Admins who have used LockFOV.u before can enable that feature within Anti TCC now.
There are also a few major bugfixes:
  • Shadows of players and vehicles are rendered again.
  • The WhatToDoBlacklisted setting now works correctly even with WhatToDo=LogOnly
  • That "Runaway loop detected" crash some players were experiencing on startup should now only happen very rarely, if at all. (I can't really prevent it entirely, and somehow I think it's related to a garbage collection bug outside Anti TCC.)
  • A bug that caused menus to close when spectating another player has been fixed. This bug might also be responsible for other weird behavior in previous Anti TCC versions.
  • bRotationLock=True will no longer cause the view to spin around randomly under certain conditions.
This list likely isn't complete.
What has changed since the last official version, Anti TCC v1.18c?
Oh, quite a lot. Some of the highlights:
  • Auto-pause while a player reconnects during the match. (For competitive matches, includes countdown before match continues.)
  • Special handling for certain illegal CD keys.
  • Custom player agreement texts, e.g. for server rules. Players have to agree before allowed to join the game.
  • Improved secure PlayerController class. Checks for chat spam, mass suicide, unusually high frequency of nick changes. Prevents certain movement hacks and some lag attacks against the game server.
  • Improved simple log mode, optionally also logging whatever happened between the start of the match and the first insecurity.
  • View rotation and audio rolloff locks.
  • Detection of certain server crash attempts.
  • Improved package and data integrity checks.
What's MD5Type=1?
The MD5Type 1 ("Code MD5") calculates MD5 hashed of UnrealScript functions. Unfortunately this is broken because the hash is calculated in memory and will likely change the next time UT2004 loads. The only useful application for Code MD5 is to check for functions that shouldn't actually exist. "Engine.HudOverlay.Tick" is such an example. This function does not exist in UT2004, but some hacked Engine.u packages contain it. This can be detected by adding an optional MD5 check for FName="Engine.HudOverlay.Tick" and MD5Type=1 with the MD5=("not allowed").
This is actually a built-in check in Anti TCC 2009, but you can use it in v1.19 and earlier versions. Just ignore any warnings about the unknown MD5 type Anti TCC might log on startup.
How does a mini game need to be structured so it can be loaded via "PlayWaitingGame"?
Anti TCC doesn't expect much from the mini game loader, i.e. the class specified in the WaitingGameClass setting. There are really only two requirements:
  • The class must be a non-abstract subclass of class Info.
  • The class should override GetLocalString() to return the name of the game when no parameters are passed. Alternatively, if the GetLocalString() function returns an empty string, which is the default implementation, Anti TCC just uses the class name.
Anti TCC will spawn an instance of the mini game loader serversidely whenever a spectator uses the PlayWaitingGame command, with the spectator's PlayerController as the Owner of the loader instance. After the instance has been spawned, it is abandoned and expected to perform any steps required to load the mini game clientsidely.
Note that Anti TCC will not check if the game is already running, that is entirely up to the mini game loader. Also, the loader instance is not destroyed by Anti TCC. It should remove itself when it is no longer needed.
Where did the AntiTCC commandlet go?
I removed it after changing the way player IDs are logged. If you want it back, please tell me and I'll try to make it work again for the next release.
You said you were never going to touch Anti TCC again.
So what? That's not even a question!