Sheep dip (computing)

{{short description|IT security term}}

{{Refimprove|date=May 2022}}

In IT security, a sheep-dip is the process of using a dedicated device to test inbound files on removable media for viruses before they are allowed to be used with other computers.[http://www.webopedia.com/TERM/S/sheepdip.html Webopedia definition of term "sheep-dip" Retrieved on 11 April 2013.]

The name sheep-dip is derived from a method of preventing the spread of parasites in a flock of sheep by dipping the new animals that farmers are adding to the flock in a trough of pesticide.

The term has been applied to IT security since at least the early 1990s, though footbath was also used at the time.{{cite book |last1=Solomon |first1=Alan |url=https://books.google.com/books?id=jqKRAAAAIAAJ&q=%22sheep+dip%22+%22computer%22 |title=Dr Solomon's PC anti-virus book |last2=Kay |first2=Tim |date=1994 |publisher=New-Tech |isbn=9780750616140 |accessdate=8 April 2019}} A sheep-dip system can be considered a special case of a sandbox, used to test for malware.

This sheep-dip protocol is a normal first line of defense against viruses in high-security computing environments, as it preemptively prevent the spread of viruses brought by new devices.Build Your Own Security Lab: A Field Guide for Network Testing (Page 269) {{ISBN|978-0470179864}} IT security specialists are expected to be familiar with the concept.[http://www.newhorizons.com/Certified-Ethical-Hacker.aspx Certified Ethical Hacker Course Overview (Lesson 9) Retrieved on 11 April 2013.] {{webarchive|url=https://web.archive.org/web/20130505041644/http://www.newhorizons.com/Certified-Ethical-Hacker.aspx |date=5 May 2013 }}

The process was originally developed in response to the problem of boot sector viruses on floppy disks. Subsequently, its scope has been expanded to include USB flash drives, portable hard discs, memory cards, CD-ROMs and other removable devices, all of which can potentially carry malware.