Frankly, the things that the CEH course taught scared the **** out of me! Hackers can use the weirdest things to break into systems just about anywhere. Have a look at http://www.backtrack-linux.org as the collection of "tools" is in one package (without instructions for obvious reasons).
WinFingerprint (http://winfingerprint.sourceforge.net) can gather information about your computer (Date & Time, Disks, Event Log, Groups, NetBIOS Shares, Network Type, Null IPC$ Session, ICMP ping, Input Type, Patch Level, RPC Bindings, SNMP, Services, Sessions, TCP SYN Port scan, Traceroute, MAC Address, UDP Port scan, Users and Win32 OS Version).
Other tools like Panopticlick (https://panopticlick.eff.org/) can gather browser information (including add-ons), thus, it is perfectly suited to validate SESSION submissions. My browser rendered:
[indent]Your browser fingerprint appears to be unique among the 2,188,882 tested so far.
Currently, we estimate that your browser has a fingerprint that conveys at least 21.06 bits of identifying information.
It includes specifics about User Agent, HTTP_ACCEPT Headers, Browser Plugin Details, Time Zone, Screen Size and Color Depth, System Fonts, Are Cookies Enabled? and Limited supercookie test. If that's not enough information to verify a SESSION, I don't know what would be! Okay, it's gross overkill but it works to isolate my computer (browser).
See their paper at https://panopticlick.eff.org/browser-uniqueness.pdf.[/indent]
Take a look at PanOptiClick's links as there is a wealth of information there!
Pick and choose from the array of information to create a salt for a hash and you'll be able to identify a computer pretty easily - or verify the identity of a SESSION owner.