I think it's safe for you to consider that Ubuntu's defaults are secure, at least as secure as anything involving electrons can be.
Firestarter is a frontend for iptables. According to a poster
in this thread, Ubuntu has a built-in iptables frontend, but I've never used it. Me, I really like Firestarter.
See
man update-rc.d for information on configuring boot-up programs in Debian-based distros.
I like Debian (I run my file server with Debian).
I use Ubuntu because it came factory-installed on this here computer with Broadcom wireless and the wireless works and I don't feel like struggling with it.
What I miss on both compared to Slackware is the simplicity of configuring programs to start or not start on boot by using chmod or editing rc.local (though Debian does include rc.local).
Neither Debian nor Ubuntu has the elegant simplicity of Slackware, but Debian has the same rock-solid stability.
Edit: I do run an anti-virus, which puts me in a minority in the Linux community, but, when it comes to connecting to the internet, I trust no one. Not even me.