Release 1.13 Lite, Copyright 2003 by Wormbo
If you have any problems with Anti TCC, please have a look at the Anti TCC homepage or post in the Anti TCC Forum.Anti TCC is a mutator designed to perform a more detailed check of various packages and clientside settings. Its main goal in UT2003 was to detect SET command cheats, the so-called temporary console commands or "TCCs". This type of check is not implemented in Anti TCC for UT2004 though, since Epic turned on the masterserver feature which keeps out SET command users.
This release targets the following cheats and potentially unwanted actions:
The ZIP archive you downloaded contains 9 files:
ServerActors=AntiTCC113Lite.AntiTCCServerActorThis ServerActors entry automatically loads Anti TCC and prevents it from being removed from the mutators list. If you don't want that, don't add it. Instead manually start the Anti TCC mutator through the webadmin interface or the server's startup commandline, e.g.:
ucc server DM-Rankin?game=xGame.xDeathmatch?mutator=AntiTCC113Lite.MutAntiTCC,xGame.MutVampireNote: You don't need to add the ServerPackages entry. In the unpatched version of UT2004, Anti TCC will add the entry manually and in later versions the entry will not be neccessary anymore.
Make sure Anti TCC works properly by connecting to your server. The client console should display something similar to the following example.
================================================== Anti TCC v1.13 Lite build 2004-04-29 17:07 Copyright (c) 2003-2004 Wormbo ================================================== * Your unique ID is [ 01234567-89abcdef-01234567-89abcdef ] * Player ID logging is enabled * Initial Check Timeout: 120 seconds * Check Timeout: 30 seconds * Reaction to insecurities: Kick * GUI has been secured * Verified DM-Antalus * Verified AntiTCC113Lite * Verified HumanMaleA * Verified HumanFemaleA * Verified Jugg * Verified Aliens * Verified Bot * Verified SkaarjAnims * Verified XanRobots * Verified ThunderCrash * Verified Hellions * Verified NewNightmare * Verified PlayerSkins * Verified UT2004PlayerSkins * Verified DemoPlayerSkins * Verified BrightPlayerSkins * Verifying skins... * Verifying classes... You have been validated successfully.
Everything Anti TCC displays in the client's console is also written to the file AntiTCC_ClientConsoleLog.log in the client's UT2004\UserLogs directory.
You should check the server's log file (usually ucc.log or server.log) for Anti TCC warnings. Anti TCC will tell you if something went wrong or whether your configuration might cause problems. With the default configuration something like this should be logged to the server's main log file (usually server.log, ucc.log or ut2004.log):
AntiTCC: ================================================== AntiTCC: Anti TCC Anti TCC v1.13 Lite build 2004-05-13 20:36 AntiTCC: Copyright (c) 2003-2004 Wormbo AntiTCC: ================================================== AntiTCC: * Preventing Fast Weapon Switching AntiTCC: * Note: Silent admin login is only available for advanced admin AntiTCC: * Admin faker name is foy37wXb66 (DM-Antalus.PlayerReplicationInfo) AntiTCC: * Calculating Full MD5 for AntiTCC113Lite... AntiTCC: [ 485e2e778ffcbebd1f2722ed8f7fd002 / 4C13568011D8A51D30000C8CB7637684 ] AntiTCC: * Calculating Full MD5 for DM-Antalus... AntiTCC: [ 032b629ab11bfe1291d029f569287703 / D7B47504448839EFE0B05F9F71F09418 ] AntiTCC: * Player IDs are logged to PlayerIDsINI AntiTCC: * Securing PlayerControllers AntiTCC: * Logging output to AntiTCC_(xDeathMatch)_(DM-Antalus)_(2004-05-13)_(20-53) when neccessary
Anti TCC offers some new console commands. They only work ingame and not from the webadmin interface.
The following options need to go under the enter [AntiTCC113Lite.AntiTCCSecurity] in your UT2004.ini file (or whichever ini file configures your server).
| Checks | The first configuration option is the
Checks data set. All of the important data is combined into one entry for
each file to check. The format for the entry is seen here: Checks=(FName="",MD5=(""),MD5Type=0|2,Optional=True|False)Notice that each sub-field is separated by a comma and mixes string and numeric data. You can refer to the defaults in AntiTCC113LiteDefINI.txt for actual examples. IMPORTANT: Make sure there are no whitespaces in the Checks entries. The available sub-fields are:
|
|---|
The following options need to go under the enter [AntiTCC113Lite.MutAntiTCC]
in your UT2004.ini file (or whichever ini file configures your server).
They can also be changed from the web admin interface and you can put them in
configuration profiles to quickly switch between
different configurations.
| bAllowClientConsoleMessages | Anti TCC displays messages in the client's console and log file about security checks. This option can disable the console messages. |
|---|---|
| bBroadcastConsoleErrorMessages | Enables or disables Anti TCC's red console warning messages stating the reason for a kick. This will not display a client console warning when bAllowClientConsoleMessages is disabled, but the warning will still be logged in the client's log file. |
| bMessageBeep | Enables or disables the beep sound played when Anti TCC detects illegal files, settings or activities on a client. |
| bBroadcastClientScreenMessages | Enables or disables Anti TCC's a red warning message in the center of all clients screens when a client is kicked by Anti TCC. |
| bDisplayProgressMessages bDisplayProgressScreenMessages |
bDisplayProgressMessages enables or disables Anti TCC's
progress messages in the center of the screens during initial checks. bDisplayProgressScreenMessages specifies whether the progress messages should be displayed in the center of the screen or in the chat area. |
| bClientsMayGetIDs bShowOnlyFirstPartOfID bShowOnlyLastPartOfID |
bClientsMayGetIDs determines, whether
clients may see other players' CD key hashes. Setting this to false will
disable the ShowIDs and Whowas commands and disable the ID
display in Whois. bShowOnlyFirstPartOfID will hide everything except the first eight digits of the player ID, bShowOnlyLastPartOfID will hide everything except the last eight digits. If both are False the whole ID is displayed, if both are True the middle part of the ID is replaced with astrerisks. Usually half of the player ID should be enough identify a player. Showing only parts of the ID prevents malicious users to abuse the keys, but still allows propery identification. |
| bClientsMayGetNames | Determines, whether clients are allowed to view other players' alias names. Setting this to false will disable the Whowas command and disable the alias name display of the Whois command. |
| bShowInServerDetails | Tells Anti TCC whether it should show up in the server details. |
| bCheckSkins | If set to True, Anti TCC will perform checks to ensure the player skins listed in XPlayersL1.upl and XPlayersL2.upl are not modified. |
| bLogClientPackages | Determines, whether a list of all packages
loaded on the client should be logged in the server's log file. This option probably is more useful in league matches than on public servers. |
| bLogClientClasses bCheckClientClasses |
bLogClientClasses determines, whether a list of all classes of clientside
objects should be logged in the server's log file. bCheckClientClasses makes sure these classes are actually known on the server, i.e. the classes must either exist on the server or must be in the AllowedClasses list. |
| bSecureGUI | Verifies every menu class opened on the client. |
| bDelayMatchStart | Delays the start of a match until all players have been validated. It's probably not too wise to enable this on public servers because every time a new player joins the match start is delayed further. |
| bDelayLateJoin | Prevents players from spawning until they have been secured.
The difference to bDelayMatchStart is, that the actual match start
isn't delayed, but modified clients still can't affect gameplay. It might be a good idea to disable this option in clan matches so the game can quickly continue after a player dropped and reconnected. |
| bPreventFlyingLeviathan | Prevents the 'Flying Leviathan' bug exploit, where a Leviathan can be attached to any other vehicle to fly or drag it around. |
| bCheckMapMD5 | If set to True, Anti TCC will automatically do a full MD5 check of the map played before performing other file checks. |
| bCheckRenderSettings | If set to True, Anti TCC will make sure clients don't use a DefaultTexMipBias > 0.5 or DrawDistanceLOD > 1.0. |
| InitialTimeoutSeconds TimeoutSeconds bKickOnTimeout |
(Initial)TimeoutSeconds determins how long the
mutator will wait before it considers the whole system to have
timed out, i.e. not functioning properly. InitialTimeoutSeconds is used
only for the first check, while TimeoutSeconds is used for all other
checks. Values lower than 10 seconds are not allowed. The recommended minimum value is 20 seconds for TimeoutSeconds and 60 for InitialTimeoutSeconds. If bKickOnTimeout is true, when a player times out, he or she will be kicked from the server. NOTE: A timeout doesn't imply cheating. It is usually caused by connection problems or client crashes or the client simply needs too much time for precaching game content. |
| bSelfIntegrityChecks | If set to True, Anti TCC will automatically perform a full MD5 check of its own package file. |
| bSingleMD5Mode | This setting was added by request from ClanBase so
serveradmins can proof they don't exploit the option to specify multiple
MD5s. When enabled, it makes Anti TCC ignore all but the first MD5 value
specified for each file check. Setting this to True or not having multiple MD5 reference values for any filr check will make Anti TCC display "Anti TCC is running in single MD5 mode" to clients connecting to your server. Important: You will no longer be able to have more than one MD5 value per file check if you set this to true. This will make it impossible to allow unpatched Mac UT2004 clients to play on your server if you told Anti TCC to perform any QuickMD5 checks, which it does by default! You should probably use Anti TCC's config profiles feature (see Using Configuration Profiles below) if you need to use this option. |
| WhatToDo | The WhatToDo option determines what your server will
do if it detects an insecurity. The available options are:
|
| bEnableAdminFaker | This might fool aimbots into thinking an admin logged in.
Some aimbots have an admin login detection, which may get triggered and
automatically disconnects the cheater. To find out the player ID of a suspicious player you can use the Whowas command if player ID logging is enabled. (See SavePlayerIDsTo option below.) |
| bAllowSilentAdminLogin | When enabling this option, admins will be
able to log in without appearing as administrators using the
SilentAdminLogin command. This only works with advanced admin
enabled, i.e. in [Engine.GameInfo] you have to set
AccessControlClass=xAdmin.AccessControlIni. Note: Some admin commands might not work correctly when using silent admin login. |
| bNoTossWeaponSwitch | Prevent faster weapon switching by throwing the weapon and picking it up immediately while running forwards. |
| SavePlayerIDsTo | Set this to PlayerIDsINI or PlayerIDsxINI (where x is any number between including 1 and 9) to log all players' IDs to PlayerIDsx.ini. All other values will disable player ID logging and also Anti TCC's Whois command, which requires this feature. |
| AllowedConsoleClass AllowedGUIControllerClass |
The AllowedConsoleClass specifies the console class clients are allowed to use and the AllowedGUIControllerClass does the same for the client's GUIController class. |
| bUseCustomLog | When set to true, Anti TCC will send most of it's log output to the log file specified in the next variable. |
| bSimpleLogMode | When set to true, Anti TCC will only
create the custom log file when an insecurity or important other
problem is detected. The time placeholders of the log file name will
use the map startup time, but the first logged line will show the
time when the log file was actually opened. NOTE: Enabling this option will turn off the bLogClientPackages option. |
| LogFileSaveInterval | Values greater than 0 will cause Anti TCC to close and re-open
the custom log file once in a while to force all log data to be written to disk. This option is useful when dealing with server crashes possibly related to cheats and other exploits because without it the custom log would only be saved when switching maps. |
| LogFileTimestampFormat | The timestamp format to be used in the custom
log file. This option has no effect when the custom log file is disabled.
You can use the following placeholders in the timestamp:
|
| LogFileName | Holds the name of the log file to
output to. This file gets stored in the \UserLogs directory and the
file extension ".log" is automatically appended. You can use one or more of the following placeholders in the filename:
|
Anti TCC allows you to store more than one configuration in your server's INI file. These configuration profiles contain the same options as the [AntiTCC113Lite.MutAntiTCC] section of you INI file, but start with [profilename AntiTCCSettings]. To load a profile you have to add the parameter ?AntiTCCSettings=profilename to the map URL when switching maps with the ServerTravel command or on the server startup commandline, e.g.:
ucc server DM-Rankin?mutator=AntiTCC113Lite.MutAntiTCC?AntiTCCSettings=1on1DM(Of course, the "?mutator=AntiTCC113Lite.MutAntiTCC" part isn't neccessary if you run Anti TCC as a server actor.)
UCC MasterMD5 -f <filename>This will give you the 32 digit MD5 you need for the MD5 field above. Please keep in mind that only files that will not change can be checked using Anti TCC. Do not attempt to check core .U files (they are already protected and have a different MD5 in every version).
UCC MasterMD5 -q <packagename>Rember that you do not need to include the path or file extension for quick MD5's as UT2004 will use its internal package loading code to open it.
Checks=(FName="OpenGL32.dll",MD5="file not allowed",MD5Type=2,Optional=True)This will disallow the file OpenGL32.dll in the \System directory. Of course you can also specify absolute or relative paths in FName. It is important that you use MD5Type=2 and Optional=True.
Anti TCC comes with a commandlet for working with the player ID logs. I suggest
installing Anti TCC on your client and copying your server's PlayerIDs.ini to your
own UT2004\System directory to make things easier.
To run one of Anti TCC's commandlets, just type the corresponding command at the
commandline, in a DOS box, in Windows' Run dislog box, etc.
Anti TCC's player ID log files are simple ini files with a list of IDs and the names used by them. Multiple versions of Anti TCC can store IDs in the same ini file, but they will only be able to read their own logs from them unless you merge logs.
Generally an Anti TCC player ID log looks like this:
[AntiTCC113Lite.PlayerIDsINI]
Player=(Id="0123456789abcdef0123456789abcdef",Names=("foo","bar"),LastSeen="disconnecting at 2004-02-01 13:37")
Player=(Id="abcdef0123456789abcdef0123456789",Names=("Player","The_Real_Llama"),LastSeen="getting kicked at 2004-01-23 08:15)
Version 1.11 says [AntiTCC112Lite.PlayerIDsINI] at the top, but otherwise the
log file format is identical.
The PlayerIDsINI part in [AntiTCC113Lite.PlayerIDsINI] corresponds to the file name,
in this case PlayerIDs.ini. IDs logged in e.g. PlayerIDs3.ini would start with
[AntiTCC113Lite.PlayerIDs3INI].
To convert an older version's ID logs, simply change the AntiTCC*. part to
AntiTCC113Lite and run the CleanUp command described further down. If you want to
combine multiple logs you don't need to clean them up before merging them.
Please note that UT2003 player IDs are useless in UT2004 and vice versa.
The Anti TCC MergeLogs command combines all player ID logs (i.e. PlayerIDs.ini, PlayerIDs1.ini, PlayerIDs2.ini, etc.) into a single log file.
The Anti TCC CleanUp command merges duplicate IDs and removes empty or duplicate names from log files. This commandlet is mainly intended for log files that have been merged manually instead of with the MergeLogs command.
The Anti TCC DuplicateLog command copies a set of logged player IDs into one
or more other log files.
Important: The previous content of the log files specified will be lost!
The Anti TCC FindPlayer command lets you search for IDs and nicks in a player ID log.