From the Ubuntu FAQ:
Since Ubuntu doesn't run any daemons that listen to the outside world by default (the postfix install only listens on localhost) there's no need for a default firewall.
The rationale is that if a user's got a need for installing a world-facing daemon, they'll be aware that they should configure a firewall/ACL for it too.
I just installed Ubuntu yesterday and like it so far ( I'm a Debian turncoat lol )
The 1st thing I did after the installation was to add the extra repositories so I could download and install Firestarter. Better safe than sorry