vetusa2
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 3:48 am

How do I make MikroTik block everything on this parasites list?

http://winhelp2002.mvps.org/hosts.txt
 
SeaburyNorton
Frequent Visitor
Posts: 65
Joined: Tue Sep 28, 2010 9:39 pm

Re: Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 4:17 am

I tried to research this very thing when I first moved from Tomato to MikroTik last year. The only thing I could even think of would be to create a similar script to the ones found on the Tomato forums that would somehow import these lists into the "static DNS" list on a MikroTik box, all marked with an address of 0.0.0.0.

You would then have to force all DNS requests to the MikroTik box, which many people do already. I never had much luck past the initial research stage.
 
fewi
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 4:29 am

That won't work. It simply doesn't scale. The built-in caching resolver is fine for small scale but isn't a DNS implementation that can handle a few thousand to tens of thousands of static records. It also doesn't scale when you try to do this in more than one router. Build a proper DNS server, implement this, and have the router refer to that central server. That'll work much, much better.
You may be able to pull it off on an x86 box, but you're still going to put a lot of stress on the router doing something that isn't routing packets. Small RouterBOARDs are simply going to choke completely.

There are some past threads you can look up regarding this very topic.

Including, if you're really inclined to try it, a Perl script that converts hosts files like that into ROS scripts to effectively import them.
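
An added example, not part of the original posts and not the Perl script mentioned above: a minimal Python converter from a hosts-format blocklist to RouterOS `/ip dns static add` commands. It treats the downloaded list as untrusted input and rejects any entry that is not a plain hostname, so nothing from the list can inject extra commands into the generated script. The sample input is constructed, and the one-name-per-line format is an assumption.

```python
import re

# Constructed sample in hosts-file format (not real list contents).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1  localhost
0.0.0.0 ads.example.com   # trailing comment
0.0.0.0 Tracker.Example.NET
0.0.0.0 ads.example.com
0.0.0.0 bad;name" /system reset
0.0.0.0 -leadinghyphen.example.org
not-an-ip spy.example.org
"""

SINK_ADDRS = {"0.0.0.0", "127.0.0.1"}   # addresses blocklists use as a sink
SKIP_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}
# RFC 1123 label: letters, digits, hyphen; no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def valid_hostname(name):
    return len(name) <= 253 and all(LABEL.match(l) for l in name.split("."))

def parse_hosts(text):
    """Return (sorted unique valid names, rejected raw lines)."""
    names, rejected = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        # Assumption: exactly "<sink address> <one name>" per line.
        if len(fields) != 2 or fields[0] not in SINK_ADDRS:
            rejected.append(raw)
            continue
        name = fields[1].lower().rstrip(".")
        if name in SKIP_NAMES:
            continue                             # never override localhost
        if valid_hostname(name):
            names.add(name)
        else:
            rejected.append(raw)
    return sorted(names), rejected

def to_routeros(names, sink="0.0.0.0"):
    return ["/ip dns static add name=%s address=%s" % (n, sink) for n in names]

if __name__ == "__main__":
    names, rejected = parse_hosts(SAMPLE_HOSTS)
    print("\n".join(to_routeros(names)))
    print("rejected lines:", len(rejected))
```

The count of generated lines is worth checking before importing anything, given the scaling limits described in this thread.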
 
SeaburyNorton
Frequent Visitor
Posts: 65
Joined: Tue Sep 28, 2010 9:39 pm

Re: Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 7:04 am

fewi wrote:
> That won't work. It simply doesn't scale. The built-in caching resolver is fine for small scale but isn't a DNS implementation that can handle a few thousand to tens of thousands of static records. It also doesn't scale when you try to do this in more than one router. Build a proper DNS server, implement this, and have the router refer to that central server. That'll work much, much better.
> You may be able to pull it off on an x86 box, but you're still going to put a lot of stress on the router doing something that isn't routing packets. Small RouterBOARDs are simply going to choke completely.
>
> There are some past threads you can look up regarding this very topic.
>
> Including, if you're really inclined to try it, a Perl script that converts hosts files like that into ROS scripts to effectively import them.

I'm not disagreeing with you, as, like I said, I never got much past the research stage. However, what I would like to ask is how would lesser hardware running Tomato firmware be able to handle a huge amount of static DNS records (when the hosts file is implemented via script on, say, a Linksys WRT54GL) but a "more powerful" RouterBOARD will choke?

I know Tomato uses dnsmasq; isn't the MikroTik implementation similar?
 
fewi
Forum Guru
Joined: Tue Aug 11, 2009 3:19 am

Re: Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 7:12 am

There's no host file on RouterOS you can stick things into, though. You can only add static records one by one, and they're stored who knows how. However their caching resolver is written makes it unable to deal with such a huge number of static records (and I think it would even fail on that many dynamic, cached records).

When I loaded such a host file on my home RB750G it took 5 minutes for the script to import. Then the router was running at 100%, and only had 1MB of RAM left. I removed them all via "remove [find]" and that again took many, many minutes, and racked up 20K NAND writes. It's not an issue with CPU power, I agree there. It's just how the software is written. It seems to be optimized for a few static records only. If it could be made to use a host file that you just download it would probably work much better, but there just aren't any provisions for that.

Here's the old thread in case you're curious, and want to try it yourself: http://forum.mikrotik.com/viewtopic.php ... 0&p=191586
 
vetusa2
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Wed Sep 14, 2011 11:11 am

So from what you guys said, I should be running a MikroTik server on a strong CPU and lots of RAM, then enter the parasites list one by one?

I think there is a way, but we need to think deeper.

Where to enter the parasites list in the MikroTik?

Firewall or proxy? Or maybe somewhere else?
 
vetusa2
Member Candidate
Topic Author
Posts: 119
Joined: Sat Jun 18, 2011 8:24 pm

Re: Mikrotik Vs Unwanted Parasites/hijackers/Adware/Spyware

Thu Sep 29, 2011 4:17 pm

I think using a DNS service like Opendns.com is a solution, the paid-for membership, not the free one, which allows adding a big list of websites to be blocked or to be reported, or to use a 3Com OfficeConnect router with an updated spyware and parasites/hijackers/adware/spyware list.
