Ubuntu, and most Linuxes, by default come with an empty /etc/hosts.deny file. I'd argue that by default it really should look like this:
$ cat /etc/hosts.deny
- If you don't know what how the /etc/hosts system works, you shouldn't allow others to access your machine.
- If you do know how it works, then you know enough to edit the files to do what you want.